Sponsored
MoonPay
Buy, sell and swap Ethereum with MoonPay.Buy Now!
Spend less on fees, more on crypto. Buy crypto easily with MoonPay Balance. 20M+ users trust MoonPay worldwide.
MetaMask
Manage your web3 everything with MetaMask. Try Now!
Ready to onboard to Ethereum? With MetaMask, you're in control.
eToro
One-stop crypto shop: trusted, simple & safe.
Don’t invest unless you’re prepared to lose all the money you invest.
Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Stake
200% Bonus, 100K Daily Giveaways, Instant Withdrawals Play Now!
Slots, Roulette, Poker & more - Proud sponsors of UFC, Everton & StakeF1 team!
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoSlots
Play & Get 25 Free Spins at CryptoSlots Play Now
Anonymous play on awesome games - sign up now for 25 free jackpot spins - worth $100s!
CryptoWins
200% More Funds to Play on Us up to 4 BTC! Claim Now!
100s of games, generous bonuses, 20+ years of trusted gaming. Join CryptoWins & start winning today!
ERC-20
Add Token to MetaMask (Web3)Overview
Max Total Supply
1,238,912,493.951657467752540175 Ascend
Holders
120
Market
Onchain Market Cap
$0.00
Circulating Supply Market Cap
-
Other Info
Token Contract (WITH 18 Decimals)
Balance
18,496,705.979320620571141662 AscendValue
$0.00Loading...
Loading
Loading...
Loading
Loading...
Loading
| # | Exchange | Pair | Price | 24H Volume | % Volume |
|---|
Contract Source Code Verified (Exact Match)
Contract Name:
Ascendant
Compiler Version
v0.8.27+commit.40a35a09
Optimization Enabled:
Yes with 200 runs
Other Settings:
cancun EvmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {wdiv, wmul, sub, wpow, sqrt} from "@utils/Math.sol";
import {AscendantPride} from "@core/AscendantPride.sol";
import {FullMath} from "v3-core/contracts/libraries/FullMath.sol";
import {AscendantAuction} from "./AscendantAuction.sol";
import {AscendantBuyAndBurn} from "./AscendantBuyAndBurn.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {IUniswapV3Pool} from "v3-core/contracts/interfaces/IUniswapV3Pool.sol";
import {IQuoter} from "@uniswap/v3-periphery/contracts/interfaces/IQuoter.sol";
import {Ownable2Step, Ownable} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";
/**
* @title Ascendant Token Contract
* @author Decentra
* @notice Implementation of a hyper-deflationary token with Uniswap V3 integration and DragonX ecosystem rewards
* @dev Contract inherits ERC20Burnable for token burns and Ownable2Step for secure ownership management
* Integrates with:
* - Uniswap V3 for primary liquidity pool (DragonX/Ascendant pair)
* - AscendantAuction for daily token distributions
* - AscendantPride for post-day-10 auction mechanics
* - AscendantBuyAndBurn for deflationary mechanisms
* Features:
* - Fixed max supply of 1.155B tokens
* - Initial liquidity of 5M tokens
* - Daily auctions for first 10 days
* - Automated buy-and-burn mechanism
* - DragonX ecosystem rewards distribution
*/
contract Ascendant is ERC20Burnable, Ownable2Step {
using FullMath for uint256;
/* ==== IMMUTABLES ==== */
/**
* @notice The immutable address of the Uniswap V3 pool for DragonX/Ascendant pair
*/
address public immutable dragonXAscendantPool;
/* ==== STATE ==== */
/**
* @notice The auction contract responsible for daily token distributions
*/
AscendantAuction public auction;
/**
* @notice The buy and burn contract that manages token burning mechanics
*/
AscendantBuyAndBurn public buyAndBurn;
/**
* @notice The pride contract that manages tokens for future auctions after day 10
*/
AscendantPride public ascendantPride;
/* ==== ERRORS ==== */
error OnlyAuction();
/* ==== CONSTRUCTOR ==== */
/**
* @notice Initializes the Ascendant token and creates the initial DragonX/Ascendant liquidity pool
* @dev Sets up initial token supply and creates Uniswap V3 pool for DragonX/Ascendant pair
* @param _titanX Address of the TitanX token contract used for minting and auctions
* @param _dragonX Address of the DragonX token contract for liquidity pairing
* @param _quoter Address of the Uniswap V3 Quoter contract for price calculations
* @param _uniswapV3PositionManager Address of the Uniswap V3 NonfungiblePositionManager
*/
constructor(address _titanX, address _dragonX, address _quoter, address _uniswapV3PositionManager)
payable
ERC20("Ascendant.win", "Ascend")
Ownable(msg.sender)
{
_mint(LIQUIDITY_BONDING, 50_000_000e18);
_mint(msg.sender, INITIAL_TO_ASCENDANT_PRIDE);
dragonXAscendantPool = _createUniswapV3Pool(_titanX, _dragonX, _quoter, _uniswapV3PositionManager);
}
//==========================//
//=========MODIFIERS========//
//==========================//
/**
* @dev Modifier to ensure the function is called only by the Auction contract.
* Uses _onlyAuction() instead of inline check for gas optimization.
*/
modifier onlyAuction() {
_onlyAuction();
_;
}
//==========================//
//=========EXTERNAL=========//
//==========================//
/**
* @notice Sets the address of the AscendantAuction contract
* @dev Updates both the auction contract reference and retrieves the associated pride contract
* @param _ascendantAuction Address of the new auction contract
*/
function setAscendantAuction(address payable _ascendantAuction) external onlyOwner {
auction = AscendantAuction(_ascendantAuction);
ascendantPride = auction.ascendantPride();
}
/**
* @notice Sets the address of the AscendantBuyAndBurn contract
* @dev Updates the contract reference for the buy and burn mechanism
* @param _ascendantBuyAndBurn Address of the new buy and burn contract
*/
function setAscendantBuyAndBurn(address _ascendantBuyAndBurn) external onlyOwner {
buyAndBurn = AscendantBuyAndBurn(_ascendantBuyAndBurn);
}
/**
* @notice Mints daily auction tokens
* @dev Mints AUCTION_EMIT amount of tokens to the auction contract
* @return emitted Amount of tokens minted for the auction
*/
function emitForAuction() external onlyAuction returns (uint256 emitted) {
emitted = AUCTION_EMIT;
_mint(address(auction), emitted);
}
/**
* @notice Mints initial liquidity tokens
* @dev Mints INITIAL_ASCENDANT_FOR_LP tokens to the auction contract for LP formation
* @return emitted Amount of tokens minted for initial liquidity
*/
function emitForLp() external onlyAuction returns (uint256 emitted) {
emitted = INITIAL_ASCENDANT_FOR_LP;
_mint(address(auction), emitted);
}
//==========================//
//=========INTERNAL=========//
//==========================//
/**
* @dev Private method is used instead of inlining into modifier because modifiers are copied into each method,
* and the use of immutable means the address bytes are copied in every place the modifier is used.
*/
function _onlyAuction() internal view {
if (msg.sender != address(auction)) revert OnlyAuction();
}
/**
* @notice Creates and initializes a Uniswap V3 pool for DragonX/Ascendant pair
* @dev Sets up initial liquidity ratio and configures pool parameters.
* @param _titanX Address of the TitanX token used to calculate initial DragonX amount
* @param _dragonX Address of the DragonX token for pool pairing
* @param UNISWAP_V3_QUOTER Address of Uniswap V3 Quoter contract for price calculations
* @param UNISWAP_V3_POSITION_MANAGER Address of Uniswap V3 NonfungiblePositionManager
* @return _pool Address of the newly created Uniswap V3 pool
*/
function _createUniswapV3Pool(
address _titanX,
address _dragonX,
address UNISWAP_V3_QUOTER,
address UNISWAP_V3_POSITION_MANAGER
) internal returns (address _pool) {
address _ascendant = address(this);
IQuoter quoter = IQuoter(UNISWAP_V3_QUOTER);
bytes memory path = abi.encodePacked(address(_titanX), POOL_FEE, address(_dragonX));
uint256 dragonXAmount = quoter.quoteExactInput(path, INITIAL_TITAN_X_FOR_LIQ);
uint256 ascendantAmount = INITIAL_ASCENDANT_FOR_LP;
(address token0, address token1) = _ascendant < _dragonX ? (_ascendant, _dragonX) : (_dragonX, _ascendant);
(uint256 amount0, uint256 amount1) =
token0 == _dragonX ? (dragonXAmount, ascendantAmount) : (ascendantAmount, dragonXAmount);
uint160 sqrtPX96 = uint160((sqrt((amount1 * 1e18) / amount0) * 2 ** 96) / 1e9);
INonfungiblePositionManager manager = INonfungiblePositionManager(UNISWAP_V3_POSITION_MANAGER);
_pool = manager.createAndInitializePoolIfNecessary(token0, token1, POOL_FEE, sqrtPX96);
IUniswapV3Pool(_pool).increaseObservationCardinalityNext(uint16(200));
}
}// SPDX-License-Identifier: MIT pragma solidity 0.8.27; address constant DEAD_ADDR = 0x000000000000000000000000000000000000dEaD; address constant LIQUIDITY_BONDING = 0xC3F351f58b4CAF38fd76623c1bED015E59107506; address constant GENESIS_WALLET_1 = 0x7671fd00048aB79C7D2aeCd035a3712C8eD52Aa5; address constant GENESIS_WALLET_2 = 0x0a71b0F495948C4b3C3b9D0ADa939681BfBEEf30; address constant TITANX_WETH_POOL = 0xc45A81BC23A64eA556ab4CdF08A86B61cdcEEA8b; // Percentages in basis points uint64 constant GENESIS = 0.08e18; // 8% uint64 constant INCENTIVE_FEE = 0.015e18; //1.5% uint64 constant HALF = 0.5e18; // 50% uint64 constant THIRTY_PERCENT = 0.3e18; // 30% uint64 constant SEVENTY_PERCENT = 0.7e18; // 70% uint64 constant DRAGONX_TO_ASCENDANT_RATIO = 0.8e18; // 80% uint64 constant DRAGONX_TO_REWARD_POOL_RATIO = 0.2e18; // 20% uint64 constant TITANX_TO_TINC_RATIO = 0.2e18; // 20% uint64 constant TITANX_TO_DRAGONX_RATIO = 0.72e18; // 72% uint64 constant ASCENDANT_REDEEM_TAX = 0.06e18; // 6% uint64 constant ASCENDANT_NFT_SALE_FEE = 0.01e18; // 1% uint64 constant TITAN_X_LP_TAX = 0.01e18; // 1% uint8 constant DAY_10 = 10; uint8 constant TIER_1 = 1; uint8 constant TIER_2 = 2; uint8 constant TIER_3 = 3; uint8 constant TIER_4 = 4; uint8 constant TIER_5 = 5; uint8 constant TIER_6 = 6; uint8 constant TIER_7 = 7; uint8 constant TIER_8 = 8; uint8 constant NUMBER_OF_NFT_IMAGES_PER_TIER = 10; uint64 constant TIER_1_PERCENTAGE = 1.01e18; // 1% uint64 constant TIER_2_PERCENTAGE = 1.02e18; // 2% uint64 constant TIER_3_PERCENTAGE = 1.03e18; // 3% uint64 constant TIER_4_PERCENTAGE = 1.04e18; // 4% uint64 constant TIER_5_PERCENTAGE = 1.05e18; // 5% uint64 constant TIER_6_PERCENTAGE = 1.06e18; // 6% uint64 constant TIER_7_PERCENTAGE = 1.07e18; // 7% uint64 constant TIER_8_PERCENTAGE = 1.08e18; // 8% uint32 constant MIN_DURATION = 8 days; uint32 constant THREE_MONTHS_DURATION = 90 days; uint256 constant INITIAL_TO_ASCENDANT_PRIDE = 288_000_000e18; uint256 constant ASCENDANT_TIER_1 = 7_812.5e18; // 7,812.5 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_2 = 15_625e18; // 15,625 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_3 = 31_250e18; // 31,250 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_4 = 62_500e18; // 62,500 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_5 = 125_000e18; // 125,000 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_6 = 250_000e18; // 250,000 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_7 = 500_000e18; // 500,000 Ascendant with 18 decimals uint256 constant ASCENDANT_TIER_8 = 1_000_000e18; // 1,000,000 Ascendant with 18 decimals // Reward pools distribution uint64 constant DAY8POOL_DIST = 0.5e18; // 50% uint64 constant DAY28POOL_DIST = 0.25e18; // 25% uint64 constant DAY90POOL_DIST = 0.25e18; // 25% uint64 constant DISTRIBUTION_FROM_THE_ASCENDANT = 0.08e18; // 8% uint64 constant WAD = 1e18; uint32 constant NFT_ATTRIBUTE_RANDOM_NUMBER = 144; /// @dev 288 * 5 = 24 hours uint16 constant INTERVAL_TIME = 5 minutes; uint16 constant INTERVALS_PER_DAY = uint16(24 hours / INTERVAL_TIME); uint24 constant POOL_FEE = 10_000; // 1% int16 constant TICK_SPACING = 200; // Uniswap's tick spacing for 1% pools is 200 ///@dev The initial titanX amount needed to create liquidity pool uint256 constant INITIAL_TITAN_X_FOR_LIQ = 14_000_000_000e18; uint256 constant AUCTION_EMIT = 100_000_000e18; ///@dev The intial Ascendant that pairs with the initial TitanX uint256 constant INITIAL_ASCENDANT_FOR_LP = 5_000_000e18;
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
import {Panic} from "../Panic.sol";
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an success flag (no overflow).
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an success flag (no overflow).
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an success flag (no overflow).
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * SafeCast.toUint(condition));
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
Panic.panic(Panic.DIVISION_BY_ZERO);
}
// The following calculation ensures accurate ceiling division without overflow.
// Since a is non-zero, (a - 1) / b will not overflow.
// The largest possible result occurs when (a - 1) / b is type(uint256).max,
// but the largest value we can obtain is type(uint256).max - 1, which happens
// when a = type(uint256).max and b = 1.
unchecked {
return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);
}
}
/**
* @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
*
* Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
// the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2²⁵⁶ + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
if (denominator <= prod1) {
Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
// that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv ≡ 1 mod 2⁴.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2⁸
inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
inverse *= 2 - denominator * inverse; // inverse mod 2³²
inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
// less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);
}
/**
* @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
*
* If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.
* If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
*
* If the input value is not inversible, 0 is returned.
*
* NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the
* inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.
*/
function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
unchecked {
if (n == 0) return 0;
// The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
// Used to compute integers x and y such that: ax + ny = gcd(a, n).
// When the gcd is 1, then the inverse of a modulo n exists and it's x.
// ax + ny = 1
// ax = 1 + (-y)n
// ax ≡ 1 (mod n) # x is the inverse of a modulo n
// If the remainder is 0 the gcd is n right away.
uint256 remainder = a % n;
uint256 gcd = n;
// Therefore the initial coefficients are:
// ax + ny = gcd(a, n) = n
// 0a + 1n = n
int256 x = 0;
int256 y = 1;
while (remainder != 0) {
uint256 quotient = gcd / remainder;
(gcd, remainder) = (
// The old remainder is the next gcd to try.
remainder,
// Compute the next remainder.
// Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
// where gcd is at most n (capped to type(uint256).max)
gcd - remainder * quotient
);
(x, y) = (
// Increment the coefficient of a.
y,
// Decrement the coefficient of n.
// Can overflow, but the result is casted to uint256 so that the
// next value of y is "wrapped around" to a value between 0 and n - 1.
x - y * int256(quotient)
);
}
if (gcd != 1) return 0; // No inverse exists.
return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.
}
}
/**
* @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.
*
* From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is
* prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that
* `a**(p-2)` is the modular multiplicative inverse of a in Fp.
*
* NOTE: this function does NOT check that `p` is a prime greater than `2`.
*/
function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {
unchecked {
return Math.modExp(a, p - 2, p);
}
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
*
* Requirements:
* - modulus can't be zero
* - underlying staticcall to precompile must succeed
*
* IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
* sure the chain you're using it on supports the precompiled contract for modular exponentiation
* at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
* the underlying function will succeed given the lack of a revert, but the result may be incorrectly
* interpreted as 0.
*/
function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
(bool success, uint256 result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
* It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying
* to operate modulo 0 or if the underlying precompile reverted.
*
* IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
* you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
* https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
* of a revert, but the result may be incorrectly interpreted as 0.
*/
function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
if (m == 0) return (false, 0);
assembly ("memory-safe") {
let ptr := mload(0x40)
// | Offset | Content | Content (Hex) |
// |-----------|------------|--------------------------------------------------------------------|
// | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 |
// | 0x60:0x7f | value of b | 0x<.............................................................b> |
// | 0x80:0x9f | value of e | 0x<.............................................................e> |
// | 0xa0:0xbf | value of m | 0x<.............................................................m> |
mstore(ptr, 0x20)
mstore(add(ptr, 0x20), 0x20)
mstore(add(ptr, 0x40), 0x20)
mstore(add(ptr, 0x60), b)
mstore(add(ptr, 0x80), e)
mstore(add(ptr, 0xa0), m)
// Given the result < m, it's guaranteed to fit in 32 bytes,
// so we can use the memory scratch space located at offset 0.
success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
result := mload(0x00)
}
}
/**
* @dev Variant of {modExp} that supports inputs of arbitrary length.
*/
function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
(bool success, bytes memory result) = tryModExp(b, e, m);
if (!success) {
Panic.panic(Panic.DIVISION_BY_ZERO);
}
return result;
}
/**
* @dev Variant of {tryModExp} that supports inputs of arbitrary length.
*/
function tryModExp(
bytes memory b,
bytes memory e,
bytes memory m
) internal view returns (bool success, bytes memory result) {
if (_zeroBytes(m)) return (false, new bytes(0));
uint256 mLen = m.length;
// Encode call args in result and move the free memory pointer
result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
assembly ("memory-safe") {
let dataPtr := add(result, 0x20)
// Write result on top of args to avoid allocating extra memory.
success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
// Overwrite the length.
// result.length > returndatasize() is guaranteed because returndatasize() == m.length
mstore(result, mLen)
// Set the memory pointer after the returned data.
mstore(0x40, add(dataPtr, mLen))
}
}
/**
* @dev Returns whether the provided byte array is zero.
*/
function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
for (uint256 i = 0; i < byteArray.length; ++i) {
if (byteArray[i] != 0) {
return false;
}
}
return true;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* This method is based on Newton's method for computing square roots; the algorithm is restricted to only
* using integer operations.
*/
function sqrt(uint256 a) internal pure returns (uint256) {
unchecked {
// Take care of easy edge cases when a == 0 or a == 1
if (a <= 1) {
return a;
}
// In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
// sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
// the current value as `ε_n = | x_n - sqrt(a) |`.
//
// For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
// of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
// bigger than any uint256.
//
// By noticing that
// `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
// we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
// to the msb function.
uint256 aa = a;
uint256 xn = 1;
if (aa >= (1 << 128)) {
aa >>= 128;
xn <<= 64;
}
if (aa >= (1 << 64)) {
aa >>= 64;
xn <<= 32;
}
if (aa >= (1 << 32)) {
aa >>= 32;
xn <<= 16;
}
if (aa >= (1 << 16)) {
aa >>= 16;
xn <<= 8;
}
if (aa >= (1 << 8)) {
aa >>= 8;
xn <<= 4;
}
if (aa >= (1 << 4)) {
aa >>= 4;
xn <<= 2;
}
if (aa >= (1 << 2)) {
xn <<= 1;
}
// We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
//
// We can refine our estimation by noticing that the middle of that interval minimizes the error.
// If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
// This is going to be our x_0 (and ε_0)
xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
// From here, Newton's method give us:
// x_{n+1} = (x_n + a / x_n) / 2
//
// One should note that:
// x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
// = ((x_n² + a) / (2 * x_n))² - a
// = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
// = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
// = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
// = (x_n² - a)² / (2 * x_n)²
// = ((x_n² - a) / (2 * x_n))²
// ≥ 0
// Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
//
// This gives us the proof of quadratic convergence of the sequence:
// ε_{n+1} = | x_{n+1} - sqrt(a) |
// = | (x_n + a / x_n) / 2 - sqrt(a) |
// = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
// = | (x_n - sqrt(a))² / (2 * x_n) |
// = | ε_n² / (2 * x_n) |
// = ε_n² / | (2 * x_n) |
//
// For the first iteration, we have a special case where x_0 is known:
// ε_1 = ε_0² / | (2 * x_0) |
// ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
// ≤ 2**(2*e-4) / (3 * 2**(e-1))
// ≤ 2**(e-3) / 3
// ≤ 2**(e-3-log2(3))
// ≤ 2**(e-4.5)
//
// For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
// ε_{n+1} = ε_n² / | (2 * x_n) |
// ≤ (2**(e-k))² / (2 * 2**(e-1))
// ≤ 2**(2*e-2*k) / 2**e
// ≤ 2**(e-2*k)
xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above
xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5
xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9
xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18
xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36
xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72
// Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision
// ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
// sqrt(a) or sqrt(a) + 1.
return xn - SafeCast.toUint(xn > a / xn);
}
}
/**
* @dev Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 x) internal pure returns (uint256 r) {
// If value has upper 128 bits set, log2 result is at least 128
r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7;
// If upper 64 bits of 128-bit half set, add 64 to result
r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6;
// If upper 32 bits of 64-bit half set, add 32 to result
r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5;
// If upper 16 bits of 32-bit half set, add 16 to result
r |= SafeCast.toUint((x >> r) > 0xffff) << 4;
// If upper 8 bits of 16-bit half set, add 8 to result
r |= SafeCast.toUint((x >> r) > 0xff) << 3;
// If upper 4 bits of 8-bit half set, add 4 to result
r |= SafeCast.toUint((x >> r) > 0xf) << 2;
// Shifts value right by the current result and use it as an index into this lookup table:
//
// | x (4 bits) | index | table[index] = MSB position |
// |------------|---------|-----------------------------|
// | 0000 | 0 | table[0] = 0 |
// | 0001 | 1 | table[1] = 0 |
// | 0010 | 2 | table[2] = 1 |
// | 0011 | 3 | table[3] = 1 |
// | 0100 | 4 | table[4] = 2 |
// | 0101 | 5 | table[5] = 2 |
// | 0110 | 6 | table[6] = 2 |
// | 0111 | 7 | table[7] = 2 |
// | 1000 | 8 | table[8] = 3 |
// | 1001 | 9 | table[9] = 3 |
// | 1010 | 10 | table[10] = 3 |
// | 1011 | 11 | table[11] = 3 |
// | 1100 | 12 | table[12] = 3 |
// | 1101 | 13 | table[13] = 3 |
// | 1110 | 14 | table[14] = 3 |
// | 1111 | 15 | table[15] = 3 |
//
// The lookup table is represented as a 32-byte value with the MSB positions for 0-15 in the last 16 bytes.
assembly ("memory-safe") {
r := or(r, byte(shr(r, x), 0x0000010102020202030303030303030300000000000000000000000000000000))
}
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
uint256 isGt;
unchecked {
isGt = SafeCast.toUint(value > (1 << 128) - 1);
value >>= isGt * 128;
result += isGt * 16;
isGt = SafeCast.toUint(value > (1 << 64) - 1);
value >>= isGt * 64;
result += isGt * 8;
isGt = SafeCast.toUint(value > (1 << 32) - 1);
value >>= isGt * 32;
result += isGt * 4;
isGt = SafeCast.toUint(value > (1 << 16) - 1);
value >>= isGt * 16;
result += isGt * 2;
result += SafeCast.toUint(value > (1 << 8) - 1);
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
/* solhint-disable func-visibility, no-inline-assembly */
error Math__toInt256_overflow();
error Math__toUint64_overflow();
error Math__add_overflow_signed();
error Math__sub_overflow_signed();
error Math__mul_overflow_signed();
error Math__mul_overflow();
error Math__div_overflow();
uint256 constant WAD = 1e18;
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/SafeCastLib.sol#L367
function toInt256(uint256 x) pure returns (int256) {
if (x >= 1 << 255) revert Math__toInt256_overflow();
return int256(x);
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/SafeCastLib.sol#L53
function toUint64(uint256 x) pure returns (uint64) {
if (x >= 1 << 64) revert Math__toUint64_overflow();
return uint64(x);
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L602
function abs(int256 x) pure returns (uint256 z) {
assembly ("memory-safe") {
let mask := sub(0, shr(255, x))
z := xor(mask, add(mask, x))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L620
function min(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), lt(y, x)))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L628
function min(int256 x, int256 y) pure returns (int256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), slt(y, x)))
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L636
function max(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := xor(x, mul(xor(x, y), gt(y, x)))
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L74
function add(uint256 x, int256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := add(x, y)
}
if ((y > 0 && z < x) || (y < 0 && z > x)) {
revert Math__add_overflow_signed();
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L79
function sub(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
z := sub(x, y)
}
if ((y > 0 && z > x) || (y < 0 && z < x)) {
revert Math__sub_overflow_signed();
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/vat.sol#L84
function mul(uint256 x, int256 y) pure returns (int256 z) {
unchecked {
z = int256(x) * y;
if (int256(x) < 0 || (y != 0 && z / y != int256(x))) {
revert Math__mul_overflow_signed();
}
}
}
/// @dev Equivalent to `(x * y) / WAD` rounded down.
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L54
function wmul(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
// Equivalent to `require(y == 0 || x <= type(uint256).max / y)`.
if mul(y, gt(x, div(not(0), y))) {
// Store the function selector of `Math__mul_overflow()`.
mstore(0x00, 0xc4c5d7f5)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := div(mul(x, y), WAD)
}
}
function wmul(uint256 x, int256 y) pure returns (int256 z) {
unchecked {
z = mul(x, y) / int256(WAD);
}
}
/// @dev Equivalent to `(x * y) / WAD` rounded up.
/// @dev Taken from https://github.com/Vectorized/solady/blob/969a78905274b32cdb7907398c443f7ea212e4f4/src/utils/FixedPointMathLib.sol#L69C22-L69C22
function wmulUp(uint256 x, uint256 y) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// Equivalent to `require(y == 0 || x <= type(uint256).max / y)`.
if mul(y, gt(x, div(not(0), y))) {
// Store the function selector of `Math__mul_overflow()`.
mstore(0x00, 0xc4c5d7f5)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := add(iszero(iszero(mod(mul(x, y), WAD))), div(mul(x, y), WAD))
}
}
/// @dev Equivalent to `(x * WAD) / y` rounded down.
/// @dev Taken from https://github.com/Vectorized/solady/blob/6d706e05ef43cbed234c648f83c55f3a4bb0a520/src/utils/FixedPointMathLib.sol#L84
function wdiv(uint256 x, uint256 y) pure returns (uint256 z) {
assembly ("memory-safe") {
// Equivalent to `require(y != 0 && (WAD == 0 || x <= type(uint256).max / WAD))`.
if iszero(mul(y, iszero(mul(WAD, gt(x, div(not(0), WAD)))))) {
// Store the function selector of `Math__div_overflow()`.
mstore(0x00, 0xbcbede65)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := div(mul(x, WAD), y)
}
}
/// @dev Equivalent to `(x * WAD) / y` rounded up.
/// @dev Taken from https://github.com/Vectorized/solady/blob/969a78905274b32cdb7907398c443f7ea212e4f4/src/utils/FixedPointMathLib.sol#L99
function wdivUp(uint256 x, uint256 y) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// Equivalent to `require(y != 0 && (WAD == 0 || x <= type(uint256).max / WAD))`.
if iszero(mul(y, iszero(mul(WAD, gt(x, div(not(0), WAD)))))) {
// Store the function selector of `Math__div_overflow()`.
mstore(0x00, 0xbcbede65)
// Revert with (offset, size).
revert(0x1c, 0x04)
}
z := add(iszero(iszero(mod(mul(x, WAD), y))), div(mul(x, WAD), y))
}
}
/// @dev Taken from https://github.com/makerdao/dss/blob/fa4f6630afb0624d04a003e920b0d71a00331d98/src/jug.sol#L62
function wpow(uint256 x, uint256 n, uint256 b) pure returns (uint256 z) {
unchecked {
assembly ("memory-safe") {
switch n
case 0 { z := b }
default {
switch x
case 0 { z := 0 }
default {
switch mod(n, 2)
case 0 { z := b }
default { z := x }
let half := div(b, 2) // for rounding.
for { n := div(n, 2) } n { n := div(n, 2) } {
let xx := mul(x, x)
if shr(128, x) { revert(0, 0) }
let xxRound := add(xx, half)
if lt(xxRound, xx) { revert(0, 0) }
x := div(xxRound, b)
if mod(n, 2) {
let zx := mul(z, x)
if and(iszero(iszero(x)), iszero(eq(div(zx, x), z))) { revert(0, 0) }
let zxRound := add(zx, half)
if lt(zxRound, zx) { revert(0, 0) }
z := div(zxRound, b)
}
}
}
}
}
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L110
/// @dev Equivalent to `x` to the power of `y`.
/// because `x ** y = (e ** ln(x)) ** y = e ** (ln(x) * y)`.
function wpow(int256 x, int256 y) pure returns (int256) {
// Using `ln(x)` means `x` must be greater than 0.
return wexp((wln(x) * y) / int256(WAD));
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L116
/// @dev Returns `exp(x)`, denominated in `WAD`.
function wexp(int256 x) pure returns (int256 r) {
unchecked {
// When the result is < 0.5 we return zero. This happens when
// x <= floor(log(0.5e18) * 1e18) ~ -42e18
if (x <= -42139678854452767551) return r;
/// @solidity memory-safe-assembly
assembly {
// When the result is > (2**255 - 1) / 1e18 we can not represent it as an
// int. This happens when x >= floor(log((2**255 - 1) / 1e18) * 1e18) ~ 135.
if iszero(slt(x, 135305999368893231589)) {
mstore(0x00, 0xa37bfec9) // `ExpOverflow()`.
revert(0x1c, 0x04)
}
}
// x is now in the range (-42, 136) * 1e18. Convert to (-42, 136) * 2**96
// for more intermediate precision and a binary basis. This base conversion
// is a multiplication by 1e18 / 2**96 = 5**18 / 2**78.
x = (x << 78) / 5 ** 18;
// Reduce range of x to (-½ ln 2, ½ ln 2) * 2**96 by factoring out powers
// of two such that exp(x) = exp(x') * 2**k, where k is an integer.
// Solving this gives k = round(x / log(2)) and x' = x - k * log(2).
int256 k = ((x << 96) / 54916777467707473351141471128 + 2 ** 95) >> 96;
x = x - k * 54916777467707473351141471128;
// k is in the range [-61, 195].
// Evaluate using a (6, 7)-term rational approximation.
// p is made monic, we'll multiply by a scale factor later.
int256 y = x + 1346386616545796478920950773328;
y = ((y * x) >> 96) + 57155421227552351082224309758442;
int256 p = y + x - 94201549194550492254356042504812;
p = ((p * y) >> 96) + 28719021644029726153956944680412240;
p = p * x + (4385272521454847904659076985693276 << 96);
// We leave p in 2**192 basis so we don't need to scale it back up for the division.
int256 q = x - 2855989394907223263936484059900;
q = ((q * x) >> 96) + 50020603652535783019961831881945;
q = ((q * x) >> 96) - 533845033583426703283633433725380;
q = ((q * x) >> 96) + 3604857256930695427073651918091429;
q = ((q * x) >> 96) - 14423608567350463180887372962807573;
q = ((q * x) >> 96) + 26449188498355588339934803723976023;
/// @solidity memory-safe-assembly
assembly {
// Div in assembly because solidity adds a zero check despite the unchecked.
// The q polynomial won't have zeros in the domain as all its roots are complex.
// No scaling is necessary because p is already 2**96 too large.
r := sdiv(p, q)
}
// r should be in the range (0.09, 0.25) * 2**96.
// We now need to multiply r by:
// * the scale factor s = ~6.031367120.
// * the 2**k factor from the range reduction.
// * the 1e18 / 2**96 factor for base conversion.
// We do this all at once, with an intermediate result in 2**213
// basis, so the final right shift is always by a positive amount.
r = int256((uint256(r) * 3822833074963236453042738258902158003155416615667) >> uint256(195 - k));
}
}
/// @dev Taken from https://github.com/Vectorized/solady/blob/cde0a5fb594da8655ba6bfcdc2e40a7c870c0cc0/src/utils/FixedPointMathLib.sol#L184
/// @dev Returns `ln(x)`, denominated in `WAD`.
function wln(int256 x) pure returns (int256 r) {
unchecked {
/// @solidity memory-safe-assembly
assembly {
if iszero(sgt(x, 0)) {
mstore(0x00, 0x1615e638) // `LnWadUndefined()`.
revert(0x1c, 0x04)
}
}
// We want to convert x from 10**18 fixed point to 2**96 fixed point.
// We do this by multiplying by 2**96 / 10**18. But since
// ln(x * C) = ln(x) + ln(C), we can simply do nothing here
// and add ln(2**96 / 10**18) at the end.
// Compute k = log2(x) - 96, t = 159 - k = 255 - log2(x) = 255 ^ log2(x).
int256 t;
/// @solidity memory-safe-assembly
assembly {
t := shl(7, lt(0xffffffffffffffffffffffffffffffff, x))
t := or(t, shl(6, lt(0xffffffffffffffff, shr(t, x))))
t := or(t, shl(5, lt(0xffffffff, shr(t, x))))
t := or(t, shl(4, lt(0xffff, shr(t, x))))
t := or(t, shl(3, lt(0xff, shr(t, x))))
// forgefmt: disable-next-item
t := xor(
t,
byte(
and(
0x1f,
shr(shr(t, x), 0x8421084210842108cc6318c6db6d54be)
),
0xf8f9f9faf9fdfafbf9fdfcfdfafbfcfef9fafdfafcfcfbfefafafcfbffffffff
)
)
}
// Reduce range of x to (1, 2) * 2**96
// ln(2^k * x) = k * ln(2) + ln(x)
x = int256(uint256(x << uint256(t)) >> 159);
// Evaluate using a (8, 8)-term rational approximation.
// p is made monic, we will multiply by a scale factor later.
int256 p = x + 3273285459638523848632254066296;
p = ((p * x) >> 96) + 24828157081833163892658089445524;
p = ((p * x) >> 96) + 43456485725739037958740375743393;
p = ((p * x) >> 96) - 11111509109440967052023855526967;
p = ((p * x) >> 96) - 45023709667254063763336534515857;
p = ((p * x) >> 96) - 14706773417378608786704636184526;
p = p * x - (795164235651350426258249787498 << 96);
// We leave p in 2**192 basis so we don't need to scale it back up for the division.
// q is monic by convention.
int256 q = x + 5573035233440673466300451813936;
q = ((q * x) >> 96) + 71694874799317883764090561454958;
q = ((q * x) >> 96) + 283447036172924575727196451306956;
q = ((q * x) >> 96) + 401686690394027663651624208769553;
q = ((q * x) >> 96) + 204048457590392012362485061816622;
q = ((q * x) >> 96) + 31853899698501571402653359427138;
q = ((q * x) >> 96) + 909429971244387300277376558375;
/// @solidity memory-safe-assembly
assembly {
// Div in assembly because solidity adds a zero check despite the unchecked.
// The q polynomial is known not to have zeros in the domain.
// No scaling required because p is already 2**96 too large.
r := sdiv(p, q)
}
// r is in the range (0, 0.125) * 2**96
// Finalization, we need to:
// * multiply by the scale factor s = 5.549…
// * add ln(2**96 / 10**18)
// * add k * ln(2)
// * multiply by 10**18 / 2**96 = 5**18 >> 78
// mul s * 5e18 * 2**96, base is now 5**18 * 2**192
r *= 1677202110996718588342820967067443963516166;
// add ln(2) * k * 5e18 * 2**192
r += 16597577552685614221487285958193947469193820559219878177908093499208371 * (159 - t);
// add ln(2**96 / 10**18) * 5e18 * 2**192
r += 600920179829731861736702779321621459595472258049074101567377883020018308;
// base conversion: mul 2**18 / 2**192
r >>= 174;
}
}
/// @dev Returns the square root of `x`, rounded down.
function sqrt(uint256 x) pure returns (uint256 z) {
/// @solidity memory-safe-assembly
assembly {
// `floor(sqrt(2**15)) = 181`. `sqrt(2**15) - 181 = 2.84`.
z := 181 // The "correct" value is 1, but this saves a multiplication later.
// This segment is to get a reasonable initial estimate for the Babylonian method. With a bad
// start, the correct # of bits increases ~linearly each iteration instead of ~quadratically.
// Let `y = x / 2**r`. We check `y >= 2**(k + 8)`
// but shift right by `k` bits to ensure that if `x >= 256`, then `y >= 256`.
let r := shl(7, lt(0xffffffffffffffffffffffffffffffffff, x))
r := or(r, shl(6, lt(0xffffffffffffffffff, shr(r, x))))
r := or(r, shl(5, lt(0xffffffffff, shr(r, x))))
r := or(r, shl(4, lt(0xffffff, shr(r, x))))
z := shl(shr(1, r), z)
// Goal was to get `z*z*y` within a small factor of `x`. More iterations could
// get y in a tighter range. Currently, we will have y in `[256, 256*(2**16))`.
// We ensured `y >= 256` so that the relative difference between `y` and `y+1` is small.
// That's not possible if `x < 256` but we can just verify those cases exhaustively.
// Now, `z*z*y <= x < z*z*(y+1)`, and `y <= 2**(16+8)`, and either `y >= 256`, or `x < 256`.
// Correctness can be checked exhaustively for `x < 256`, so we assume `y >= 256`.
// Then `z*sqrt(y)` is within `sqrt(257)/sqrt(256)` of `sqrt(x)`, or about 20bps.
// For `s` in the range `[1/256, 256]`, the estimate `f(s) = (181/1024) * (s+1)`
// is in the range `(1/2.84 * sqrt(s), 2.84 * sqrt(s))`,
// with largest error when `s = 1` and when `s = 256` or `1/256`.
// Since `y` is in `[256, 256*(2**16))`, let `a = y/65536`, so that `a` is in `[1/256, 256)`.
// Then we can estimate `sqrt(y)` using
// `sqrt(65536) * 181/1024 * (a + 1) = 181/4 * (y + 65536)/65536 = 181 * (y + 65536)/2**18`.
// There is no overflow risk here since `y < 2**136` after the first branch above.
z := shr(18, mul(z, add(shr(r, x), 65536))) // A `mul()` is saved from starting `z` at 181.
// Given the worst case multiplicative error of 2.84 above, 7 iterations should be enough.
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
z := shr(1, add(z, div(x, z)))
// If `x+1` is a perfect square, the Babylonian method cycles between
// `floor(sqrt(x))` and `ceil(sqrt(x))`. This statement ensures we return floor.
// See: https://en.wikipedia.org/wiki/Integer_square_root#Using_only_integer_division
z := sub(z, lt(div(x, z), z))
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {wmul} from "@utils/Math.sol";
import {IAscendant} from "@interfaces/IAscendant.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/**
* @title AscendantPride Contract
* @author Decentra
* @notice Contract that manages the accumulation and distribution of Ascendant tokens for the auction system
*/
contract AscendantPride {
using SafeERC20 for IAscendant;
/* === IMMUTABLES === */
/**
* @notice Interface to the Ascendant token contract for token transfers and balance checks
*/
IAscendant immutable ascendant;
/**
* @notice Address of the auction contract authorized to call emitForAuction
* @dev Immutable reference set in constructor, used for access control validation
*/
address immutable auction;
/* === ERRORS === */
error AscendantPride__OnlyAuction();
/* === CONSTRUCTOR === */
/**
* @notice Initializes the AscendantPride contract
* @param _auction Address of the auction contract that will receive distributed tokens
* @param _ascendant Address of the Ascendant token contract
*/
constructor(address _auction, address _ascendant) {
auction = _auction;
ascendant = IAscendant(_ascendant);
}
//==========================//
//=========MODIFIERS========//
//==========================//
/**
* @dev Modifier to restrict function access to auction contract only
*/
modifier onlyAuction() {
_onlyAuction();
_;
}
//==========================//
//=========EXTERNAL=========//
//==========================//
/**
* @notice Distributes tokens to the auction contract
* @return emitted Amount of tokens transferred to the auction
*/
function emitForAuction() external onlyAuction returns (uint256 emitted) {
uint256 balanceOf = ascendant.balanceOf(address(this));
emitted = wmul(balanceOf, DISTRIBUTION_FROM_THE_ASCENDANT);
ascendant.safeTransfer(msg.sender, emitted);
}
//==========================//
//=========INTERNAL=========//
//==========================//
/**
* @dev Internal function to validate caller is auction contract
*/
function _onlyAuction() internal view {
if (msg.sender != auction) revert AscendantPride__OnlyAuction();
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/// @title Contains 512-bit math functions
/// @notice Facilitates multiplication and division that can have overflow of an intermediate value without any loss of precision
/// @dev Handles "phantom overflow" i.e., allows multiplication and division where an intermediate value overflows 256 bits
library FullMath {
/// @notice Calculates floor(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
/// @param a The multiplicand
/// @param b The multiplier
/// @param denominator The divisor
/// @return result The 256-bit result
/// @dev Credit to Remco Bloemen under MIT license https://xn--2-umb.com/21/muldiv
function mulDiv(
uint256 a,
uint256 b,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = a * b
// Compute the product mod 2**256 and mod 2**256 - 1
// then use the Chinese Remainder Theorem to reconstruct
// the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2**256 + prod0
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(a, b, not(0))
prod0 := mul(a, b)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division
if (prod1 == 0) {
require(denominator > 0);
assembly {
result := div(prod0, denominator)
}
return result;
}
// Make sure the result is less than 2**256.
// Also prevents denominator == 0
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0]
// Compute remainder using mulmod
uint256 remainder;
assembly {
remainder := mulmod(a, b, denominator)
}
// Subtract 256 bit number from 512 bit number
assembly {
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator
// Compute largest power of two divisor of denominator.
// Always >= 1.
uint256 twos = (0 - denominator) & denominator;
// Divide denominator by power of two
assembly {
denominator := div(denominator, twos)
}
// Divide [prod1 prod0] by the factors of two
assembly {
prod0 := div(prod0, twos)
}
// Shift in bits from prod1 into prod0. For this we need
// to flip `twos` such that it is 2**256 / twos.
// If twos is zero, then it becomes one
assembly {
twos := add(div(sub(0, twos), twos), 1)
}
prod0 |= prod1 * twos;
// Invert denominator mod 2**256
// Now that denominator is an odd number, it has an inverse
// modulo 2**256 such that denominator * inv = 1 mod 2**256.
// Compute the inverse by starting with a seed that is correct
// correct for four bits. That is, denominator * inv = 1 mod 2**4
uint256 inv = (3 * denominator) ^ 2;
// Now use Newton-Raphson iteration to improve the precision.
// Thanks to Hensel's lifting lemma, this also works in modular
// arithmetic, doubling the correct bits in each step.
inv *= 2 - denominator * inv; // inverse mod 2**8
inv *= 2 - denominator * inv; // inverse mod 2**16
inv *= 2 - denominator * inv; // inverse mod 2**32
inv *= 2 - denominator * inv; // inverse mod 2**64
inv *= 2 - denominator * inv; // inverse mod 2**128
inv *= 2 - denominator * inv; // inverse mod 2**256
// Because the division is now exact we can divide by multiplying
// with the modular inverse of denominator. This will give us the
// correct result modulo 2**256. Since the precoditions guarantee
// that the outcome is less than 2**256, this is the final result.
// We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inv;
return result;
}
}
/// @notice Calculates ceil(a×b÷denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
/// @param a The multiplicand
/// @param b The multiplier
/// @param denominator The divisor
/// @return result The 256-bit result
function mulDivRoundingUp(
uint256 a,
uint256 b,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
result = mulDiv(a, b, denominator);
if (mulmod(a, b, denominator) > 0) {
require(result < type(uint256).max);
result++;
}
}
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@utils/Errors.sol";
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {IWETH9} from "@interfaces/IWETH.sol";
import {Ascendant} from "@core/Ascendant.sol";
import {AscendantPride} from "@core/AscendantPride.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {AscendantBuyAndBurn} from "@core/AscendantBuyAndBurn.sol";
import {wmul} from "@utils/Math.sol";
import {TickMath} from "@uniswap/v3-core/contracts/libraries/TickMath.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SwapActions, SwapActionParams} from "@actions/SwapActions.sol";
import {IAscendant, IAscendantBuyAndBurn} from "@interfaces/IAscendant.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";
/**
* @dev Struct representing Uniswap V3 Liquidity Position details
* @param hasLP Boolean indicating if liquidity has been added
* @param isAscendantToken0 Boolean indicating if Ascendant is token0 in the pair
* @param tokenId Uniswap V3 NFT position ID
*/
struct LP {
bool hasLP;
bool isAscendantToken0;
uint256 tokenId;
}
/**
* @dev Struct tracking daily auction statistics
* @param ascendantEmitted Amount of Ascendant tokens emitted for the day
* @param titanXDeposited Total TitanX tokens deposited for the day
*/
struct DailyStatistic {
uint256 ascendantEmitted;
uint256 titanXDeposited;
}
/**
* @title AscendantAuction
* @author Decentra
* @dev Contract managing the auction of Ascendant tokens through TitanX deposits
* and subsequent liquidity management in Uniswap V3.
*
* @notice This contract:
* - Manages daily auctions for Ascendant tokens
* - Handles TitanX and ETH deposits
* - Manages Uniswap V3 liquidity
* - Processes fee collection and distribution
* - Tracks daily statistics and user deposits
*/
contract AscendantAuction is SwapActions {
using SafeERC20 for IERC20;
using SafeERC20 for IAscendant;
using Math for uint256;
/* == IMMUTABLES == */
IAscendant immutable ascendant; // Ascendant token contract
IERC20 public immutable titanX; // TitanX token contract
IERC20 public immutable dragonX; // DragonX token contract
IWETH9 public immutable weth; // Wrapped ETH contract
uint32 public immutable startTimestamp;
address public immutable tincBnB;
address public immutable uniswapV3PositionManager;
/* == STATE == */
uint256 public totalTitanXDeposited;
uint128 lpSlippage = WAD - 0.2e18; // Liquidity provision slippage tolerance (default: WAD - 0.2e18)
LP public lp;
AscendantPride public immutable ascendantPride;
/**
* @notice Mapping for user deposits and daily statistics
*/
mapping(address => mapping(uint32 day => uint256 amount)) public depositOf;
mapping(uint32 day => DailyStatistic) public dailyStats;
/* == ERRORS == */
error AscendantAuction__InvalidInput();
error AscendantAuction__OnlyClaimableTheNextDay();
error AscendantAuction__LiquidityAlreadyAdded();
error AscendantAuction__NotStartedYet();
error AscendantAuction__NothingToClaim();
error AscendantAuction__InvalidSlippage();
error AscendantAuction__NotEnoughTitanXForLiquidity();
error AscendantAuction__TreasuryAscendantIsEmpty();
/* == EVENTS === */
event Deposit(address indexed user, uint256 indexed titanXAmount, uint32 indexed day);
event UserClaimed(address indexed user, uint256 indexed ascendantAmount, uint32 indexed day);
/* == CONSTRUCTOR == */
/**
* @notice Constructor for AscendantAuction
* @dev Initializes core contract references and auction parameters
* @param _ascendant Address of the Ascendant token contract
* @param _dragonX Address of the DragonX token contract
* @param _titanX Address of the TitanX token contract
* @param _weth Address of the WETH contract
* @param _tincBnB Address of the TincBnB contract
* @param _uniswapV3PositionManager Address of Uniswap V3 position manager
* @param _params SwapActions initialization parameters
* @param _startTimestamp Timestamp when the auction starts
*/
constructor(
address _ascendant,
address _dragonX,
address _titanX,
address _weth,
address _tincBnB,
address _uniswapV3PositionManager,
SwapActionParams memory _params,
uint32 _startTimestamp
)
payable
SwapActions(_params)
notAddress0(_ascendant)
notAddress0(_dragonX)
notAddress0(_titanX)
notAddress0(_weth)
notAddress0(_tincBnB)
notAddress0(_uniswapV3PositionManager)
{
// nftCollection address
ascendant = IAscendant(_ascendant);
dragonX = IERC20(_dragonX);
titanX = IERC20(_titanX);
weth = IWETH9(_weth);
tincBnB = _tincBnB;
ascendantPride = new AscendantPride(address(this), _ascendant);
uniswapV3PositionManager = _uniswapV3PositionManager;
startTimestamp = _startTimestamp;
}
//==========================//
//==========PUBLIC==========//
//==========================//
/**
* @notice Claims Ascendant tokens for a specific day
* @param _day The day to claim tokens for
*/
function claim(uint32 _day) public {
uint32 daySinceStart = Time.daysSince(startTimestamp) + 1;
if (_day == daySinceStart) revert AscendantAuction__OnlyClaimableTheNextDay();
uint256 toClaim = amountToClaim(msg.sender, _day);
if (toClaim == 0) revert AscendantAuction__NothingToClaim();
emit UserClaimed(msg.sender, toClaim, _day);
ascendant.safeTransfer(msg.sender, toClaim);
depositOf[msg.sender][_day] = 0;
}
/**
* @notice Calculates claimable Ascendant tokens for a user on a specific day
* @param _user Address of the user
* @param _day Day to check
* @return toClaim Amount of Ascendant tokens claimable
*/
function amountToClaim(address _user, uint32 _day) public view returns (uint256 toClaim) {
uint256 depositAmount = depositOf[_user][_day];
DailyStatistic memory stats = dailyStats[_day];
return (depositAmount * stats.ascendantEmitted) / stats.titanXDeposited;
}
/**
* @notice Calculates total claimable Ascendant tokens for a user across multiple days
* @dev Sums up all claimable amounts for the specified days
* @param _user Address of the user to check
* @param _days Array of days to check for claimable amounts
* @return toClaim Total amount of Ascendant tokens claimable across all specified days
*/
function batchClaimableAmount(address _user, uint32[] calldata _days) public view returns (uint256 toClaim) {
for (uint256 i; i < _days.length; ++i) {
toClaim += amountToClaim(_user, _days[i]);
}
}
//==========================//
//=========EXTERNAL=========//
//==========================//
/**
* @notice Updates LP slippage tolerance
* @param _newSlippage New slippage value
*/
function changeLPSlippage(uint128 _newSlippage) external onlyOwner notAmount0(_newSlippage) {
if (_newSlippage > WAD) revert AscendantAuction__InvalidSlippage();
lpSlippage = _newSlippage;
}
/**
* @notice Batch claims Ascendant tokens for multiple days at once
* @dev Executes claim function for each specified day
* @param _days Array of days to claim tokens for
*/
function batchClaim(uint32[] calldata _days) external {
for (uint256 i; i < _days.length; ++i) {
claim(_days[i]);
}
}
/**
* @notice Deposits TitanX tokens for auction participation
* @param _amount Amount of TitanX to deposit
*/
function depositTitanX(uint256 _amount) external {
if (_amount == 0) revert AscendantAuction__InvalidInput();
if (startTimestamp > Time.blockTs()) revert AscendantAuction__NotStartedYet();
_updateAuction();
uint32 daySinceStart = Time.daysSince(startTimestamp) + 1;
DailyStatistic storage stats = dailyStats[daySinceStart];
titanX.transferFrom(msg.sender, address(this), _amount);
_deposit(_amount);
depositOf[msg.sender][daySinceStart] += _amount;
stats.titanXDeposited += _amount;
totalTitanXDeposited += _amount;
emit Deposit(msg.sender, _amount, daySinceStart);
}
/**
* @notice Deposits ETH which is converted to TitanX for auction participation
* @dev Converts ETH to WETH, then swaps for TitanX using Uniswap
* @param _amountTitanXMin Minimum amount of TitanX to receive after swap
* @param _deadline Deadline for the swap transaction
*/
function depositETH(uint256 _amountTitanXMin, uint32 _deadline) external payable notExpired(_deadline) {
if (msg.value == 0) revert AscendantAuction__InvalidInput();
if (startTimestamp > Time.blockTs()) revert AscendantAuction__NotStartedYet();
_updateAuction();
weth.deposit{value: msg.value}();
uint256 titanXAmount = swapExactInput(address(weth), address(titanX), msg.value, _amountTitanXMin, _deadline);
uint32 daySinceStart = Time.daysSince(startTimestamp) + 1;
DailyStatistic storage stats = dailyStats[daySinceStart];
_deposit(titanXAmount);
depositOf[msg.sender][daySinceStart] += titanXAmount;
stats.titanXDeposited += titanXAmount;
totalTitanXDeposited += titanXAmount;
emit Deposit(msg.sender, titanXAmount, daySinceStart);
}
/**
* @notice Creates and adds initial liquidity to Uniswap V3 pool
* @dev Only owner can call this once
* @param _deadline Deadline for the liquidity addition
*/
function addLiquidityToAscendantDragonXPool(uint32 _deadline) external onlyOwner notExpired(_deadline) {
if (lp.hasLP) revert AscendantAuction__LiquidityAlreadyAdded();
if (titanX.balanceOf(address(this)) < INITIAL_TITAN_X_FOR_LIQ) {
revert AscendantAuction__NotEnoughTitanXForLiquidity();
}
uint256 _excessAmount = titanX.balanceOf(address(this)) - INITIAL_TITAN_X_FOR_LIQ;
uint256 _dragonXAmount =
swapExactInput(address(titanX), address(dragonX), INITIAL_TITAN_X_FOR_LIQ, 0, _deadline);
ascendant.emitForLp();
(uint256 amount0, uint256 amount1, uint256 amount0Min, uint256 amount1Min, address token0, address token1) =
_sortAmounts(_dragonXAmount, INITIAL_ASCENDANT_FOR_LP);
ERC20Burnable(token0).approve(uniswapV3PositionManager, amount0);
ERC20Burnable(token1).approve(uniswapV3PositionManager, amount1);
// wake-disable-next-line
INonfungiblePositionManager.MintParams memory params = INonfungiblePositionManager.MintParams({
token0: token0,
token1: token1,
fee: POOL_FEE,
tickLower: (TickMath.MIN_TICK / TICK_SPACING) * TICK_SPACING,
tickUpper: (TickMath.MAX_TICK / TICK_SPACING) * TICK_SPACING,
amount0Desired: amount0,
amount1Desired: amount1,
amount0Min: amount0Min,
amount1Min: amount1Min,
recipient: address(this),
deadline: _deadline
});
// wake-disable-next-line
(uint256 tokenId,,,) = INonfungiblePositionManager(uniswapV3PositionManager).mint(params);
bool isAscendantToken0 = token0 == address(ascendant);
lp = LP({hasLP: true, tokenId: tokenId, isAscendantToken0: isAscendantToken0});
if (_excessAmount > 0) {
titanX.transfer(owner(), _excessAmount);
}
_transferOwnership(address(0));
}
/**
* @notice Collects the accrued fees from the UniswapV3 position
* @return amount0 The amount of token0 collected
* @return amount1 The amount of token1 collected
*/
function collectFees() external returns (uint256 amount0, uint256 amount1) {
LP memory _lp = lp;
INonfungiblePositionManager.CollectParams memory params = INonfungiblePositionManager.CollectParams({
tokenId: _lp.tokenId,
recipient: address(this),
amount0Max: type(uint128).max,
amount1Max: type(uint128).max
});
(amount0, amount1) = INonfungiblePositionManager(uniswapV3PositionManager).collect(params);
(uint256 ascendantAmount, uint256 dragonXAmount) =
_lp.isAscendantToken0 ? (amount0, amount1) : (amount1, amount0);
dragonX.transfer(LIQUIDITY_BONDING, dragonXAmount);
sendToGenesisWallets(ascendant, ascendantAmount);
}
//==========================//
//=========INTERNAL=========//
//==========================//
/**
* @dev Internal function to distribute deposited TitanX tokens
* @param _amount Amount of TitanX to distribute
*/
function _deposit(uint256 _amount) internal {
//@note - If there is no added liquidity, but the balance exceeds the initial for liquidity, we should distribute the difference
if (!lp.hasLP) {
uint256 titanXBalance = titanX.balanceOf(address(this));
if (titanXBalance <= INITIAL_TITAN_X_FOR_LIQ) return;
_amount = titanXBalance - INITIAL_TITAN_X_FOR_LIQ;
}
uint256 titanXLPTax = wmul(_amount, TITAN_X_LP_TAX);
_amount -= titanXLPTax;
uint256 titanXToConvertToDragonX = wmul(_amount, TITANX_TO_DRAGONX_RATIO);
uint256 titanXToSendToTincBnB = wmul(_amount, TITANX_TO_TINC_RATIO);
uint256 titanXToSendToGenesisWallet = wmul(_amount, GENESIS);
titanX.safeTransfer(LIQUIDITY_BONDING, titanXLPTax); // 1% titanX send to the LP
IAscendantBuyAndBurn bnb = ascendant.buyAndBurn();
titanX.approve(address(bnb), titanXToConvertToDragonX); // 72% of that is approved to the ascendant BnB
bnb.distributeTitanXForBurning(titanXToConvertToDragonX);
titanX.safeTransfer(tincBnB, titanXToSendToTincBnB); // 20% titanX send to dragonX TINC BnB
sendToGenesisWallets(titanX, titanXToSendToGenesisWallet); // 8% titanX send to genesis wallets
}
/**
* @dev Updates the auction state for the current day
* @notice Handles Ascendant token emission for the current auction day
*/
function _updateAuction() internal {
uint32 daySinceStart = Time.daysSince(startTimestamp) + 1;
if (dailyStats[daySinceStart].ascendantEmitted != 0) return;
if (daySinceStart > DAY_10 && ascendant.balanceOf(address(ascendantPride)) == 0) {
revert AscendantAuction__TreasuryAscendantIsEmpty();
}
uint256 emitted = (daySinceStart <= DAY_10) ? ascendant.emitForAuction() : ascendantPride.emitForAuction();
dailyStats[daySinceStart].ascendantEmitted = emitted;
}
/**
* @dev Sorts token amounts for liquidity provision
* @param _dragonXAmount Amount of DragonX tokens
* @param _ascendantAmount Amount of Ascendant tokens
* @return amount0 Amount of token0
* @return amount1 Amount of token1
* @return amount0Min Minimum amount of token0 accounting for slippage
* @return amount1Min Minimum amount of token1 accounting for slippage
* @return token0 Address of token0 (lower address between Ascendant and DragonX)
* @return token1 Address of token1 (higher address between Ascendant and DragonX)
*/
function _sortAmounts(uint256 _dragonXAmount, uint256 _ascendantAmount)
internal
view
returns (
uint256 amount0,
uint256 amount1,
uint256 amount0Min,
uint256 amount1Min,
address token0,
address token1
)
{
address _ascendant = address(ascendant);
address _dragonX = address(dragonX);
(token0, token1) = _ascendant < _dragonX ? (_ascendant, _dragonX) : (_dragonX, _ascendant);
(amount0, amount1) =
token0 == _ascendant ? (_ascendantAmount, _dragonXAmount) : (_dragonXAmount, _ascendantAmount);
(amount0Min, amount1Min) = (wmul(amount0, lpSlippage), wmul(amount1, lpSlippage));
}
//==========================//
//==========PRIVATE=========//
//==========================//
function sendToGenesisWallets(IERC20 erc20Token, uint256 _amount) private {
uint256 genesisHalf = wmul(_amount, HALF);
erc20Token.safeTransfer(GENESIS_WALLET_1, genesisHalf);
erc20Token.safeTransfer(GENESIS_WALLET_2, genesisHalf);
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {Ascendant} from "@core/Ascendant.sol";
import {AscendantPride} from "@core/AscendantPride.sol";
import {IAscendant} from "@interfaces/IAscendant.sol";
import {wmul} from "@utils/Math.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {AscendantNFTMinting} from "@core/AscendantNFTMinting.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SwapActions, SwapActionParams} from "@actions/SwapActions.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
/**
* @title AscendantBuyAndBurn
* @author Decentra
* @notice This contract manages the automated buying and burning of Ascendant tokens using DragonX through Uniswap V3 pools
* @dev Inherits from SwapActions to handle Uniswap V3 swap functionality
*/
contract AscendantBuyAndBurn is SwapActions {
using SafeERC20 for IERC20;
using Math for uint256;
//=============STRUCTS============//
/**
* @notice Represents an interval for token burning operations
* @param amountAllocated Amount of tokens allocated for burning in this interval
* @param amountBurned Amount of tokens that have been burned in this interval
*/
struct Interval {
uint128 amountAllocated;
uint128 amountBurned;
}
//===========IMMUTABLE===========//
IAscendant immutable ascendant;
IERC20 public immutable dragonX;
ERC20Burnable public immutable titanX;
uint32 public immutable startTimeStamp;
AscendantNFTMinting public immutable nftMinting;
//===========STATE===========//
uint256 public totalAscendantBurnt;
uint256 public lastBurnedInterval;
uint256 public totalTitanXDistributed;
uint256 public currentBnBPressure;
uint128 public swapCap;
mapping(uint32 interval => Interval) public intervals;
uint32 public lastIntervalNumber;
uint32 public lastBurnedIntervalStartTimestamp;
uint32 public lastSnapshot;
AscendantPride public ascendantPride;
//===========EVENTS===========//
/**
* @notice Emitted when tokens are bought and burned
* @param dragonXAmount Amount of DragonX tokens used in the operation
* @param ascendantBurnt Amount of Ascendant tokens that were burned
* @param caller Address that initiated the buy and burn operation
*/
event BuyAndBurn(uint256 indexed dragonXAmount, uint256 indexed ascendantBurnt, address indexed caller);
//===========ERRORS===========//
error AscendantBuyAndBurn__NotStartedYet();
error AscendantBuyAndBurn__IntervalAlreadyBurned();
error AscendantBuyAndBurn__OnlySlippageAdmin();
error AscendantBuyAndBurn__OnlyEOA();
error AscendantBuyAndBurn__InvalidStartTime();
//========CONSTRUCTOR========//
/**
* @notice Initializes the AscendantBuyAndBurn contract with required parameters and contracts
* @param _startTimestamp The Unix timestamp when the contract should begin operations
* @param _dragonX The address of the DragonX ERC20 token contract
* @param _titanX The address of the TitanX burnable token contract
* @param _ascendant The address of the Ascendant token contract
* @param _params Parameters for initializing the SwapActions base contract
* @param _ascendantRecycle The AscendantPride contract address for recycling operations
* @param _nftMinting The address of the NFT minting contract for reward distributions
* @dev Initializes the contract with the following operations:
* - Inherits SwapActions with provided swap parameters
* - Verifies all address parameters are non-zero
* - Sets initial state variables and contract references
* - Approves NFT minting contract to spend DragonX tokens
* - Sets initial swap cap to maximum uint128 value
*/
constructor(
uint32 _startTimestamp,
address _dragonX,
address _titanX,
address _ascendant,
SwapActionParams memory _params,
AscendantPride _ascendantRecycle,
address _nftMinting
)
SwapActions(_params)
notAddress0(_ascendant)
notAddress0(_dragonX)
notAddress0(_titanX)
notAddress0(address(_ascendantRecycle))
notAddress0(_nftMinting)
{
require(_startTimestamp % Time.SECONDS_PER_DAY == Time.TURN_OVER_TIME, AscendantBuyAndBurn__InvalidStartTime());
startTimeStamp = _startTimestamp;
ascendant = IAscendant(_ascendant);
dragonX = IERC20(_dragonX);
titanX = ERC20Burnable(_titanX);
nftMinting = AscendantNFTMinting(_nftMinting);
ascendantPride = _ascendantRecycle;
swapCap = type(uint128).max;
dragonX.approve(address(nftMinting), type(uint256).max); // to save from fees
}
//========MODIFIERS=======//
/**
* @notice Ensures interval state is updated before executing the modified function
* @dev Calls _intervalUpdate() before function execution and allows function to proceed
*/
modifier intervalUpdate() {
_intervalUpdate();
_;
}
/**
* @notice Restricts function access to the slippage admin
* @dev Calls _onlySlippageAdmin() to verify caller before function execution
*/
modifier onlySlippageAdmin() {
_onlySlippageAdmin();
_;
}
//==========================//
//=========EXTERNAL=========//
//==========================//
/**
* @notice Sets the maximum amount that can be swapped in a single interval
* @param _newCap New cap value (0 sets to max uint128)
* @dev Only callable by slippage admin
*/
function setSwapCap(uint128 _newCap) external onlySlippageAdmin {
swapCap = _newCap == 0 ? type(uint128).max : _newCap;
}
/**
* @notice Executes the buy and burn process
* @param _deadline Timestamp by which the transaction must be executed
*/
function swapDragonXForAscendantAndBurn(uint32 _deadline) external intervalUpdate notExpired(_deadline) {
if (msg.sender != tx.origin) {
revert AscendantBuyAndBurn__OnlyEOA();
}
if (Time.blockTs() < startTimeStamp) revert AscendantBuyAndBurn__NotStartedYet();
Interval storage currInterval = intervals[lastIntervalNumber];
if (currInterval.amountBurned != 0) {
revert AscendantBuyAndBurn__IntervalAlreadyBurned();
}
if (currInterval.amountAllocated > swapCap) {
currInterval.amountAllocated = swapCap;
}
currInterval.amountBurned = currInterval.amountAllocated;
uint256 incentive = wmul(currInterval.amountAllocated, INCENTIVE_FEE);
uint256 titanXToSwapAndBurn = currInterval.amountAllocated - incentive;
uint256 dragonXAmount = swapExactInput(address(titanX), address(dragonX), titanXToSwapAndBurn, 0, _deadline);
uint256 dragonXToUseForAscendantBnB = wmul(dragonXAmount, DRAGONX_TO_ASCENDANT_RATIO);
uint256 dragonXToSentToRewardPool = wmul(dragonXAmount, DRAGONX_TO_REWARD_POOL_RATIO);
titanX.transfer(msg.sender, incentive);
uint256 ascendantAmount =
swapExactInput(address(dragonX), address(ascendant), dragonXToUseForAscendantBnB, 0, _deadline);
nftMinting.distribute(dragonXToSentToRewardPool); // 20% of that is sent to the dragonX rewards pool
uint256 ascendantToBeBurned = wmul(ascendantAmount, THIRTY_PERCENT);
uint256 ascendantPrideForFutureAuctions = wmul(ascendantAmount, SEVENTY_PERCENT);
ascendant.transfer(address(ascendantPride), ascendantPrideForFutureAuctions);
burnAscendant(ascendantToBeBurned);
lastBurnedInterval = lastIntervalNumber;
emit BuyAndBurn(titanXToSwapAndBurn, ascendantAmount, msg.sender);
}
/**
* @notice Allows external parties to provide TitanX tokens for burning
* @param _amount Amount of TitanX tokens to distribute
* @dev Updates intervals if necessary before accepting new tokens
*/
function distributeTitanXForBurning(uint256 _amount) external notAmount0(_amount) {
///@dev - If there are some missed intervals update the accumulated allocation before depositing new DragonX
titanX.transferFrom(msg.sender, address(this), _amount);
if (Time.blockTs() > startTimeStamp && Time.blockTs() - lastBurnedIntervalStartTimestamp > INTERVAL_TIME) {
_intervalUpdate();
}
}
//==========================//
//=========GETTERS==========//
//==========================//
/**
* @notice Retrieves current interval information
* @return _lastInterval Current interval number
* @return _amountAllocated Amount allocated for current interval
* @return _missedIntervals Number of missed intervals
* @return _lastIntervalStartTimestamp Start of last interval
* @return beforeCurrday Amount allocated before current day
* @return updated Whether the interval was updated
*/
function getCurrentInterval()
public
view
returns (
uint32 _lastInterval,
uint128 _amountAllocated,
uint16 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
uint256 beforeCurrday,
bool updated
)
{
if (startTimeStamp > Time.blockTs()) return (0, 0, 0, 0, 0, false);
uint32 startPoint = lastBurnedIntervalStartTimestamp == 0 ? startTimeStamp : lastBurnedIntervalStartTimestamp;
uint32 timeElapseSinceLastBurn = Time.blockTs() - startPoint;
if (lastBurnedIntervalStartTimestamp == 0 || timeElapseSinceLastBurn > INTERVAL_TIME) {
(_lastInterval, _amountAllocated, _missedIntervals, beforeCurrday) =
_calculateIntervals(timeElapseSinceLastBurn);
_lastIntervalStartTimestamp = startPoint;
_missedIntervals += timeElapseSinceLastBurn > INTERVAL_TIME && lastBurnedIntervalStartTimestamp != 0 ? 1 : 0;
updated = true;
}
}
/**
* @notice Calculates daily TitanX allocation
* @param t Timestamp to calculate allocation for
* @return dailyWadAllocation Daily allocation in WAD format
* @dev Allocation decreases linearly over first 10 days then remains constant
*/
function getDailyTitanXAllocation(uint32 t) public view returns (uint256 dailyWadAllocation) {
uint256 STARTING_ALOCATION = 0.42e18;
uint256 MIN_ALOCATION = 0.15e18;
uint256 daysSinceStart = Time.daysSinceAndFrom(startTimeStamp, t);
dailyWadAllocation = daysSinceStart >= 10 ? MIN_ALOCATION : STARTING_ALOCATION - (daysSinceStart * 0.03e18);
}
//==========================//
//=========INTERNAL=========//
//==========================//
/**
* @notice Updates the contract's snapshot of TitanX distribution
* @param deltaAmount Amount to subtract from current balance when calculating distribution
*/
function _updateSnapshot(uint256 deltaAmount) internal {
if (Time.blockTs() < startTimeStamp || lastSnapshot + 24 hours > Time.blockTs()) return;
uint32 timeElapsed = Time.blockTs() - startTimeStamp;
uint32 snapshots = timeElapsed / 24 hours;
uint256 balance = titanX.balanceOf(address(this));
totalTitanXDistributed = deltaAmount > balance ? 0 : balance - deltaAmount;
lastSnapshot = startTimeStamp + (snapshots * 24 hours);
}
/**
* @notice Calculates interval amounts and numbers based on elapsed time
* @dev Processes daily allocations and handles interval transitions
* @param timeElapsedSince Time elapsed since last update
* @return _lastIntervalNumber The calculated last interval number
* @return _totalAmountForInterval Total amount allocated for the interval
* @return missedIntervals Number of intervals that were missed
* @return beforeCurrDay Amount allocated before the current day
*/
function _calculateIntervals(uint256 timeElapsedSince)
internal
view
returns (
uint32 _lastIntervalNumber,
uint128 _totalAmountForInterval,
uint16 missedIntervals,
uint256 beforeCurrDay
)
{
missedIntervals = _calculateMissedIntervals(timeElapsedSince);
_lastIntervalNumber = lastIntervalNumber + missedIntervals + 1;
uint32 currentDay = Time.dayCountByT(uint32(block.timestamp));
uint32 dayOfLastInterval =
lastBurnedIntervalStartTimestamp == 0 ? currentDay : Time.dayCountByT(lastBurnedIntervalStartTimestamp);
if (currentDay == dayOfLastInterval) {
uint256 dailyAllocation = wmul(totalTitanXDistributed, getDailyTitanXAllocation(Time.blockTs()));
uint128 _amountPerInterval = uint128(dailyAllocation / INTERVALS_PER_DAY);
uint128 additionalAmount = _amountPerInterval * missedIntervals;
_totalAmountForInterval = additionalAmount + _amountPerInterval;
} else {
uint32 _lastBurnedIntervalStartTimestamp = lastBurnedIntervalStartTimestamp;
uint32 theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp);
uint256 alreadyAllocated;
uint256 balanceOf = titanX.balanceOf(address(this));
while (currentDay >= dayOfLastInterval) {
uint32 end = uint32(Time.blockTs() < theEndOfTheDay ? Time.blockTs() : theEndOfTheDay - 1);
uint32 accumulatedIntervalsForTheDay = (end - _lastBurnedIntervalStartTimestamp) / INTERVAL_TIME;
uint256 diff = balanceOf > alreadyAllocated ? balanceOf - alreadyAllocated : 0;
//@note - If the day we are looping over the same day as the last interval's use the cached allocation, otherwise use the current balance
uint256 forAllocation = Time.dayCountByT(lastBurnedIntervalStartTimestamp) == dayOfLastInterval
? totalTitanXDistributed
: balanceOf >= alreadyAllocated + wmul(diff, getDailyTitanXAllocation(end)) ? diff : 0;
uint256 dailyAllocation = wmul(forAllocation, getDailyTitanXAllocation(end));
uint128 _amountPerInterval = uint128(dailyAllocation / INTERVALS_PER_DAY);
_totalAmountForInterval += _amountPerInterval * accumulatedIntervalsForTheDay;
///@notice -> minus 15 minutes since, at the end of the day the new epoch with new allocation
_lastBurnedIntervalStartTimestamp = theEndOfTheDay - INTERVAL_TIME;
///@notice -> plus 15 minutes to flip into the next day
theEndOfTheDay = Time.getDayEnd(_lastBurnedIntervalStartTimestamp + INTERVAL_TIME);
if (dayOfLastInterval == currentDay) beforeCurrDay = alreadyAllocated;
alreadyAllocated += dayOfLastInterval == currentDay
? _amountPerInterval * accumulatedIntervalsForTheDay
: dailyAllocation;
dayOfLastInterval++;
}
}
Interval memory prevInt = intervals[lastIntervalNumber];
//@note - If the last interval was only updated, but not burned add its allocation to the next one.
uint128 additional = prevInt.amountBurned == 0 ? prevInt.amountAllocated : 0;
if (_totalAmountForInterval + additional > titanX.balanceOf(address(this))) {
_totalAmountForInterval = uint128(titanX.balanceOf(address(this)));
} else {
_totalAmountForInterval += additional;
}
}
/**
* @notice Calculates the number of missed intervals
* @dev Subtracts one from the total if lastBurnedIntervalStartTimestamp is set
* @param timeElapsedSince Time elapsed since last update
* @return _missedIntervals Number of intervals that were missed
*/
function _calculateMissedIntervals(uint256 timeElapsedSince) internal view returns (uint16 _missedIntervals) {
_missedIntervals = uint16(timeElapsedSince / INTERVAL_TIME);
if (lastBurnedIntervalStartTimestamp != 0) _missedIntervals--;
}
//==========================//
//=========PRIVATE=========//
//==========================//
/**
* @notice Updates the contract state for intervals
* @dev Updates snapshots and interval information based on current time
*/
function _intervalUpdate() private {
if (Time.blockTs() < startTimeStamp) revert AscendantBuyAndBurn__NotStartedYet();
if (lastSnapshot == 0) _updateSnapshot(0);
(
uint32 _lastInterval,
uint128 _amountAllocated,
uint16 _missedIntervals,
uint32 _lastIntervalStartTimestamp,
uint256 beforeCurrentDay,
bool updated
) = getCurrentInterval();
_updateSnapshot(beforeCurrentDay);
if (updated) {
lastBurnedIntervalStartTimestamp = _lastIntervalStartTimestamp + (uint32(_missedIntervals) * INTERVAL_TIME);
intervals[_lastInterval] = Interval({amountAllocated: _amountAllocated, amountBurned: 0});
lastIntervalNumber = _lastInterval;
}
}
/**
* @notice Burns a specified amount of Ascendant tokens
* @dev Updates totalAscendantBurnt and calls burn on the Ascendant token
* @param _amount Amount of Ascendant tokens to burn
*/
function burnAscendant(uint256 _amount) private {
totalAscendantBurnt += _amount;
ascendant.burn(_amount);
}
/**
* @notice Checks if the caller is the slippage admin
* @dev Reverts if the caller is not the slippage admin
*/
function _onlySlippageAdmin() private view {
if (msg.sender != slippageAdmin) revert AscendantBuyAndBurn__OnlySlippageAdmin();
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* The default value of {decimals} is 18. To change this, you should override
* this function so it returns a different value.
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC-20
* applications.
*/
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
mapping(address account => uint256) private _balances;
mapping(address account => mapping(address spender => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the default value returned by this function, unless
* it's overridden.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `value`.
*/
function transfer(address to, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_transfer(owner, to, value);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, value);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Skips emitting an {Approval} event indicating an allowance update. This is not
* required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `value`.
* - the caller must have allowance for ``from``'s tokens of at least
* `value`.
*/
function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, value);
_transfer(from, to, value);
return true;
}
/**
* @dev Moves a `value` amount of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _transfer(address from, address to, uint256 value) internal {
if (from == address(0)) {
revert ERC20InvalidSender(address(0));
}
if (to == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(from, to, value);
}
/**
* @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
* (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
* this function.
*
* Emits a {Transfer} event.
*/
function _update(address from, address to, uint256 value) internal virtual {
if (from == address(0)) {
// Overflow check required: The rest of the code assumes that totalSupply never overflows
_totalSupply += value;
} else {
uint256 fromBalance = _balances[from];
if (fromBalance < value) {
revert ERC20InsufficientBalance(from, fromBalance, value);
}
unchecked {
// Overflow not possible: value <= fromBalance <= totalSupply.
_balances[from] = fromBalance - value;
}
}
if (to == address(0)) {
unchecked {
// Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
_totalSupply -= value;
}
} else {
unchecked {
// Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
_balances[to] += value;
}
}
emit Transfer(from, to, value);
}
/**
* @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
* Relies on the `_update` mechanism
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead.
*/
function _mint(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidReceiver(address(0));
}
_update(address(0), account, value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
* Relies on the `_update` mechanism.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* NOTE: This function is not virtual, {_update} should be overridden instead
*/
function _burn(address account, uint256 value) internal {
if (account == address(0)) {
revert ERC20InvalidSender(address(0));
}
_update(account, address(0), value);
}
/**
* @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address owner, address spender, uint256 value) internal {
_approve(owner, spender, value, true);
}
/**
* @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
*
* By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
* `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
* `Approval` event during `transferFrom` operations.
*
* Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
* true using the following override:
*
* ```solidity
* function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
* super._approve(owner, spender, value, true);
* }
* ```
*
* Requirements are the same as {_approve}.
*/
function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
if (owner == address(0)) {
revert ERC20InvalidApprover(address(0));
}
if (spender == address(0)) {
revert ERC20InvalidSpender(address(0));
}
_allowances[owner][spender] = value;
if (emitEvent) {
emit Approval(owner, spender, value);
}
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `value`.
*
* Does not update the allowance value in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Does not emit an {Approval} event.
*/
function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance < type(uint256).max) {
if (currentAllowance < value) {
revert ERC20InsufficientAllowance(spender, currentAllowance, value);
}
unchecked {
_approve(owner, spender, currentAllowance - value, false);
}
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
import {IUniswapV3PoolImmutables} from './pool/IUniswapV3PoolImmutables.sol';
import {IUniswapV3PoolState} from './pool/IUniswapV3PoolState.sol';
import {IUniswapV3PoolDerivedState} from './pool/IUniswapV3PoolDerivedState.sol';
import {IUniswapV3PoolActions} from './pool/IUniswapV3PoolActions.sol';
import {IUniswapV3PoolOwnerActions} from './pool/IUniswapV3PoolOwnerActions.sol';
import {IUniswapV3PoolErrors} from './pool/IUniswapV3PoolErrors.sol';
import {IUniswapV3PoolEvents} from './pool/IUniswapV3PoolEvents.sol';
/// @title The interface for a Uniswap V3 Pool
/// @notice A Uniswap pool facilitates swapping and automated market making between any two assets that strictly conform
/// to the ERC20 specification
/// @dev The pool interface is broken up into many smaller pieces
interface IUniswapV3Pool is
IUniswapV3PoolImmutables,
IUniswapV3PoolState,
IUniswapV3PoolDerivedState,
IUniswapV3PoolActions,
IUniswapV3PoolOwnerActions,
IUniswapV3PoolErrors,
IUniswapV3PoolEvents
{
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
/// @title Quoter Interface
/// @notice Supports quoting the calculated amounts from exact input or exact output swaps
/// @dev These functions are not marked view because they rely on calling non-view functions and reverting
/// to compute the result. They are also not gas efficient and should not be called on-chain.
interface IQuoter {
/// @notice Returns the amount out received for a given exact input swap without executing the swap
/// @param path The path of the swap, i.e. each token pair and the pool fee
/// @param amountIn The amount of the first token to swap
/// @return amountOut The amount of the last token that would be received
function quoteExactInput(bytes memory path, uint256 amountIn) external returns (uint256 amountOut);
/// @notice Returns the amount out received for a given exact input but for a swap of a single pool
/// @param tokenIn The token being swapped in
/// @param tokenOut The token being swapped out
/// @param fee The fee of the token pool to consider for the pair
/// @param amountIn The desired input amount
/// @param sqrtPriceLimitX96 The price limit of the pool that cannot be exceeded by the swap
/// @return amountOut The amount of `tokenOut` that would be received
function quoteExactInputSingle(
address tokenIn,
address tokenOut,
uint24 fee,
uint256 amountIn,
uint160 sqrtPriceLimitX96
) external returns (uint256 amountOut);
/// @notice Returns the amount in required for a given exact output swap without executing the swap
/// @param path The path of the swap, i.e. each token pair and the pool fee. Path must be provided in reverse order
/// @param amountOut The amount of the last token to receive
/// @return amountIn The amount of first token required to be paid
function quoteExactOutput(bytes memory path, uint256 amountOut) external returns (uint256 amountIn);
/// @notice Returns the amount in required to receive the given exact output amount but for a swap of a single pool
/// @param tokenIn The token being swapped in
/// @param tokenOut The token being swapped out
/// @param fee The fee of the token pool to consider for the pair
/// @param amountOut The desired output amount
/// @param sqrtPriceLimitX96 The price limit of the pool that cannot be exceeded by the swap
/// @return amountIn The amount required as the input for the swap in order to receive `amountOut`
function quoteExactOutputSingle(
address tokenIn,
address tokenOut,
uint24 fee,
uint256 amountOut,
uint160 sqrtPriceLimitX96
) external returns (uint256 amountIn);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (access/Ownable2Step.sol)
pragma solidity ^0.8.20;
import {Ownable} from "./Ownable.sol";
/**
* @dev Contract module which provides access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* This extension of the {Ownable} contract includes a two-step mechanism to transfer
* ownership, where the new owner must call {acceptOwnership} in order to replace the
* old one. This can help prevent common mistakes, such as transfers of ownership to
* incorrect accounts, or to contracts that are unable to interact with the
* permission system.
*
* The initial owner is specified at deployment time in the constructor for `Ownable`. This
* can later be changed with {transferOwnership} and {acceptOwnership}.
*
* This module is used through inheritance. It will make available all functions
* from parent (Ownable).
*/
abstract contract Ownable2Step is Ownable {
address private _pendingOwner;
event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
/**
* @dev Returns the address of the pending owner.
*/
function pendingOwner() public view virtual returns (address) {
return _pendingOwner;
}
/**
* @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
* Can only be called by the current owner.
*
* Setting `newOwner` to the zero address is allowed; this can be used to cancel an initiated ownership transfer.
*/
function transferOwnership(address newOwner) public virtual override onlyOwner {
_pendingOwner = newOwner;
emit OwnershipTransferStarted(owner(), newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual override {
delete _pendingOwner;
super._transferOwnership(newOwner);
}
/**
* @dev The new owner accepts the ownership transfer.
*/
function acceptOwnership() public virtual {
address sender = _msgSender();
if (pendingOwner() != sender) {
revert OwnableUnauthorizedAccount(sender);
}
_transferOwnership(sender);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Burnable.sol)
pragma solidity ^0.8.20;
import {ERC20} from "../ERC20.sol";
import {Context} from "../../../utils/Context.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys a `value` amount of tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 value) public virtual {
_burn(_msgSender(), value);
}
/**
* @dev Destroys a `value` amount of tokens from `account`, deducting from
* the caller's allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `value`.
*/
function burnFrom(address account, uint256 value) public virtual {
_spendAllowance(account, _msgSender(), value);
_burn(account, value);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
import '@openzeppelin/contracts/token/ERC721/extensions/IERC721Metadata.sol';
import '@openzeppelin/contracts/token/ERC721/extensions/IERC721Enumerable.sol';
import './IPoolInitializer.sol';
import './IERC721Permit.sol';
import './IPeripheryPayments.sol';
import './IPeripheryImmutableState.sol';
import '../libraries/PoolAddress.sol';
/// @title Non-fungible token for positions
/// @notice Wraps Uniswap V3 positions in a non-fungible token interface which allows for them to be transferred
/// and authorized.
interface INonfungiblePositionManager is
IPoolInitializer,
IPeripheryPayments,
IPeripheryImmutableState,
IERC721Metadata,
IERC721Enumerable,
IERC721Permit
{
/// @notice Emitted when liquidity is increased for a position NFT
/// @dev Also emitted when a token is minted
/// @param tokenId The ID of the token for which liquidity was increased
/// @param liquidity The amount by which liquidity for the NFT position was increased
/// @param amount0 The amount of token0 that was paid for the increase in liquidity
/// @param amount1 The amount of token1 that was paid for the increase in liquidity
event IncreaseLiquidity(uint256 indexed tokenId, uint128 liquidity, uint256 amount0, uint256 amount1);
/// @notice Emitted when liquidity is decreased for a position NFT
/// @param tokenId The ID of the token for which liquidity was decreased
/// @param liquidity The amount by which liquidity for the NFT position was decreased
/// @param amount0 The amount of token0 that was accounted for the decrease in liquidity
/// @param amount1 The amount of token1 that was accounted for the decrease in liquidity
event DecreaseLiquidity(uint256 indexed tokenId, uint128 liquidity, uint256 amount0, uint256 amount1);
/// @notice Emitted when tokens are collected for a position NFT
/// @dev The amounts reported may not be exactly equivalent to the amounts transferred, due to rounding behavior
/// @param tokenId The ID of the token for which underlying tokens were collected
/// @param recipient The address of the account that received the collected tokens
/// @param amount0 The amount of token0 owed to the position that was collected
/// @param amount1 The amount of token1 owed to the position that was collected
event Collect(uint256 indexed tokenId, address recipient, uint256 amount0, uint256 amount1);
/// @notice Returns the position information associated with a given token ID.
/// @dev Throws if the token ID is not valid.
/// @param tokenId The ID of the token that represents the position
/// @return nonce The nonce for permits
/// @return operator The address that is approved for spending
/// @return token0 The address of the token0 for a specific pool
/// @return token1 The address of the token1 for a specific pool
/// @return fee The fee associated with the pool
/// @return tickLower The lower end of the tick range for the position
/// @return tickUpper The higher end of the tick range for the position
/// @return liquidity The liquidity of the position
/// @return feeGrowthInside0LastX128 The fee growth of token0 as of the last action on the individual position
/// @return feeGrowthInside1LastX128 The fee growth of token1 as of the last action on the individual position
/// @return tokensOwed0 The uncollected amount of token0 owed to the position as of the last computation
/// @return tokensOwed1 The uncollected amount of token1 owed to the position as of the last computation
function positions(uint256 tokenId)
external
view
returns (
uint96 nonce,
address operator,
address token0,
address token1,
uint24 fee,
int24 tickLower,
int24 tickUpper,
uint128 liquidity,
uint256 feeGrowthInside0LastX128,
uint256 feeGrowthInside1LastX128,
uint128 tokensOwed0,
uint128 tokensOwed1
);
struct MintParams {
address token0;
address token1;
uint24 fee;
int24 tickLower;
int24 tickUpper;
uint256 amount0Desired;
uint256 amount1Desired;
uint256 amount0Min;
uint256 amount1Min;
address recipient;
uint256 deadline;
}
/// @notice Creates a new position wrapped in a NFT
/// @dev Call this when the pool does exist and is initialized. Note that if the pool is created but not initialized
/// a method does not exist, i.e. the pool is assumed to be initialized.
/// @param params The params necessary to mint a position, encoded as `MintParams` in calldata
/// @return tokenId The ID of the token that represents the minted position
/// @return liquidity The amount of liquidity for this position
/// @return amount0 The amount of token0
/// @return amount1 The amount of token1
function mint(MintParams calldata params)
external
payable
returns (
uint256 tokenId,
uint128 liquidity,
uint256 amount0,
uint256 amount1
);
struct IncreaseLiquidityParams {
uint256 tokenId;
uint256 amount0Desired;
uint256 amount1Desired;
uint256 amount0Min;
uint256 amount1Min;
uint256 deadline;
}
/// @notice Increases the amount of liquidity in a position, with tokens paid by the `msg.sender`
/// @param params tokenId The ID of the token for which liquidity is being increased,
/// amount0Desired The desired amount of token0 to be spent,
/// amount1Desired The desired amount of token1 to be spent,
/// amount0Min The minimum amount of token0 to spend, which serves as a slippage check,
/// amount1Min The minimum amount of token1 to spend, which serves as a slippage check,
/// deadline The time by which the transaction must be included to effect the change
/// @return liquidity The new liquidity amount as a result of the increase
/// @return amount0 The amount of token0 to acheive resulting liquidity
/// @return amount1 The amount of token1 to acheive resulting liquidity
function increaseLiquidity(IncreaseLiquidityParams calldata params)
external
payable
returns (
uint128 liquidity,
uint256 amount0,
uint256 amount1
);
struct DecreaseLiquidityParams {
uint256 tokenId;
uint128 liquidity;
uint256 amount0Min;
uint256 amount1Min;
uint256 deadline;
}
/// @notice Decreases the amount of liquidity in a position and accounts it to the position
/// @param params tokenId The ID of the token for which liquidity is being decreased,
/// amount The amount by which liquidity will be decreased,
/// amount0Min The minimum amount of token0 that should be accounted for the burned liquidity,
/// amount1Min The minimum amount of token1 that should be accounted for the burned liquidity,
/// deadline The time by which the transaction must be included to effect the change
/// @return amount0 The amount of token0 accounted to the position's tokens owed
/// @return amount1 The amount of token1 accounted to the position's tokens owed
function decreaseLiquidity(DecreaseLiquidityParams calldata params)
external
payable
returns (uint256 amount0, uint256 amount1);
struct CollectParams {
uint256 tokenId;
address recipient;
uint128 amount0Max;
uint128 amount1Max;
}
/// @notice Collects up to a maximum amount of fees owed to a specific position to the recipient
/// @param params tokenId The ID of the NFT for which tokens are being collected,
/// recipient The account that should receive the tokens,
/// amount0Max The maximum amount of token0 to collect,
/// amount1Max The maximum amount of token1 to collect
/// @return amount0 The amount of fees collected in token0
/// @return amount1 The amount of fees collected in token1
function collect(CollectParams calldata params) external payable returns (uint256 amount0, uint256 amount1);
/// @notice Burns a token ID, which deletes it from the NFT contract. The token must have 0 liquidity and all tokens
/// must be collected first.
/// @param tokenId The ID of the token that is being burned
function burn(uint256 tokenId) external payable;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)
pragma solidity ^0.8.20;
/**
* @dev Helper library for emitting standardized panic codes.
*
* ```solidity
* contract Example {
* using Panic for uint256;
*
* // Use any of the declared internal constants
* function foo() { Panic.GENERIC.panic(); }
*
* // Alternatively
* function foo() { Panic.panic(Panic.GENERIC); }
* }
* ```
*
* Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
*
* _Available since v5.1._
*/
// slither-disable-next-line unused-state
library Panic {
/// @dev generic / unspecified error
uint256 internal constant GENERIC = 0x00;
/// @dev used by the assert() builtin
uint256 internal constant ASSERT = 0x01;
/// @dev arithmetic underflow or overflow
uint256 internal constant UNDER_OVERFLOW = 0x11;
/// @dev division or modulo by zero
uint256 internal constant DIVISION_BY_ZERO = 0x12;
/// @dev enum conversion error
uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
/// @dev invalid encoding in storage
uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
/// @dev empty array pop
uint256 internal constant EMPTY_ARRAY_POP = 0x31;
/// @dev array out of bounds access
uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
/// @dev resource error (too large allocation or too large array)
uint256 internal constant RESOURCE_ERROR = 0x41;
/// @dev calling invalid internal function
uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
/// @dev Reverts with a panic code. Recommended to use with
/// the internal constants with predefined codes.
function panic(uint256 code) internal pure {
assembly ("memory-safe") {
mstore(0x00, 0x4e487b71)
mstore(0x20, code)
revert(0x1c, 0x24)
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.
pragma solidity ^0.8.20;
/**
* @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
* checks.
*
* Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
* easily result in undesired exploitation or bugs, since developers usually
* assume that overflows raise errors. `SafeCast` restores this intuition by
* reverting the transaction when such an operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeCast {
/**
* @dev Value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
/**
* @dev An int value doesn't fit in an uint of `bits` size.
*/
error SafeCastOverflowedIntToUint(int256 value);
/**
* @dev Value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
/**
* @dev An uint value doesn't fit in an int of `bits` size.
*/
error SafeCastOverflowedUintToInt(uint256 value);
/**
* @dev Returns the downcasted uint248 from uint256, reverting on
* overflow (when the input is greater than largest uint248).
*
* Counterpart to Solidity's `uint248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toUint248(uint256 value) internal pure returns (uint248) {
if (value > type(uint248).max) {
revert SafeCastOverflowedUintDowncast(248, value);
}
return uint248(value);
}
/**
* @dev Returns the downcasted uint240 from uint256, reverting on
* overflow (when the input is greater than largest uint240).
*
* Counterpart to Solidity's `uint240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toUint240(uint256 value) internal pure returns (uint240) {
if (value > type(uint240).max) {
revert SafeCastOverflowedUintDowncast(240, value);
}
return uint240(value);
}
/**
* @dev Returns the downcasted uint232 from uint256, reverting on
* overflow (when the input is greater than largest uint232).
*
* Counterpart to Solidity's `uint232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toUint232(uint256 value) internal pure returns (uint232) {
if (value > type(uint232).max) {
revert SafeCastOverflowedUintDowncast(232, value);
}
return uint232(value);
}
/**
* @dev Returns the downcasted uint224 from uint256, reverting on
* overflow (when the input is greater than largest uint224).
*
* Counterpart to Solidity's `uint224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toUint224(uint256 value) internal pure returns (uint224) {
if (value > type(uint224).max) {
revert SafeCastOverflowedUintDowncast(224, value);
}
return uint224(value);
}
/**
* @dev Returns the downcasted uint216 from uint256, reverting on
* overflow (when the input is greater than largest uint216).
*
* Counterpart to Solidity's `uint216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toUint216(uint256 value) internal pure returns (uint216) {
if (value > type(uint216).max) {
revert SafeCastOverflowedUintDowncast(216, value);
}
return uint216(value);
}
/**
* @dev Returns the downcasted uint208 from uint256, reverting on
* overflow (when the input is greater than largest uint208).
*
* Counterpart to Solidity's `uint208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toUint208(uint256 value) internal pure returns (uint208) {
if (value > type(uint208).max) {
revert SafeCastOverflowedUintDowncast(208, value);
}
return uint208(value);
}
/**
* @dev Returns the downcasted uint200 from uint256, reverting on
* overflow (when the input is greater than largest uint200).
*
* Counterpart to Solidity's `uint200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toUint200(uint256 value) internal pure returns (uint200) {
if (value > type(uint200).max) {
revert SafeCastOverflowedUintDowncast(200, value);
}
return uint200(value);
}
/**
* @dev Returns the downcasted uint192 from uint256, reverting on
* overflow (when the input is greater than largest uint192).
*
* Counterpart to Solidity's `uint192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toUint192(uint256 value) internal pure returns (uint192) {
if (value > type(uint192).max) {
revert SafeCastOverflowedUintDowncast(192, value);
}
return uint192(value);
}
/**
* @dev Returns the downcasted uint184 from uint256, reverting on
* overflow (when the input is greater than largest uint184).
*
* Counterpart to Solidity's `uint184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toUint184(uint256 value) internal pure returns (uint184) {
if (value > type(uint184).max) {
revert SafeCastOverflowedUintDowncast(184, value);
}
return uint184(value);
}
/**
* @dev Returns the downcasted uint176 from uint256, reverting on
* overflow (when the input is greater than largest uint176).
*
* Counterpart to Solidity's `uint176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toUint176(uint256 value) internal pure returns (uint176) {
if (value > type(uint176).max) {
revert SafeCastOverflowedUintDowncast(176, value);
}
return uint176(value);
}
/**
* @dev Returns the downcasted uint168 from uint256, reverting on
* overflow (when the input is greater than largest uint168).
*
* Counterpart to Solidity's `uint168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toUint168(uint256 value) internal pure returns (uint168) {
if (value > type(uint168).max) {
revert SafeCastOverflowedUintDowncast(168, value);
}
return uint168(value);
}
/**
* @dev Returns the downcasted uint160 from uint256, reverting on
* overflow (when the input is greater than largest uint160).
*
* Counterpart to Solidity's `uint160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toUint160(uint256 value) internal pure returns (uint160) {
if (value > type(uint160).max) {
revert SafeCastOverflowedUintDowncast(160, value);
}
return uint160(value);
}
/**
* @dev Returns the downcasted uint152 from uint256, reverting on
* overflow (when the input is greater than largest uint152).
*
* Counterpart to Solidity's `uint152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toUint152(uint256 value) internal pure returns (uint152) {
if (value > type(uint152).max) {
revert SafeCastOverflowedUintDowncast(152, value);
}
return uint152(value);
}
/**
* @dev Returns the downcasted uint144 from uint256, reverting on
* overflow (when the input is greater than largest uint144).
*
* Counterpart to Solidity's `uint144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toUint144(uint256 value) internal pure returns (uint144) {
if (value > type(uint144).max) {
revert SafeCastOverflowedUintDowncast(144, value);
}
return uint144(value);
}
/**
* @dev Returns the downcasted uint136 from uint256, reverting on
* overflow (when the input is greater than largest uint136).
*
* Counterpart to Solidity's `uint136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toUint136(uint256 value) internal pure returns (uint136) {
if (value > type(uint136).max) {
revert SafeCastOverflowedUintDowncast(136, value);
}
return uint136(value);
}
/**
* @dev Returns the downcasted uint128 from uint256, reverting on
* overflow (when the input is greater than largest uint128).
*
* Counterpart to Solidity's `uint128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toUint128(uint256 value) internal pure returns (uint128) {
if (value > type(uint128).max) {
revert SafeCastOverflowedUintDowncast(128, value);
}
return uint128(value);
}
/**
* @dev Returns the downcasted uint120 from uint256, reverting on
* overflow (when the input is greater than largest uint120).
*
* Counterpart to Solidity's `uint120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toUint120(uint256 value) internal pure returns (uint120) {
if (value > type(uint120).max) {
revert SafeCastOverflowedUintDowncast(120, value);
}
return uint120(value);
}
/**
* @dev Returns the downcasted uint112 from uint256, reverting on
* overflow (when the input is greater than largest uint112).
*
* Counterpart to Solidity's `uint112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toUint112(uint256 value) internal pure returns (uint112) {
if (value > type(uint112).max) {
revert SafeCastOverflowedUintDowncast(112, value);
}
return uint112(value);
}
/**
* @dev Returns the downcasted uint104 from uint256, reverting on
* overflow (when the input is greater than largest uint104).
*
* Counterpart to Solidity's `uint104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toUint104(uint256 value) internal pure returns (uint104) {
if (value > type(uint104).max) {
revert SafeCastOverflowedUintDowncast(104, value);
}
return uint104(value);
}
/**
* @dev Returns the downcasted uint96 from uint256, reverting on
* overflow (when the input is greater than largest uint96).
*
* Counterpart to Solidity's `uint96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toUint96(uint256 value) internal pure returns (uint96) {
if (value > type(uint96).max) {
revert SafeCastOverflowedUintDowncast(96, value);
}
return uint96(value);
}
/**
* @dev Returns the downcasted uint88 from uint256, reverting on
* overflow (when the input is greater than largest uint88).
*
* Counterpart to Solidity's `uint88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toUint88(uint256 value) internal pure returns (uint88) {
if (value > type(uint88).max) {
revert SafeCastOverflowedUintDowncast(88, value);
}
return uint88(value);
}
/**
* @dev Returns the downcasted uint80 from uint256, reverting on
* overflow (when the input is greater than largest uint80).
*
* Counterpart to Solidity's `uint80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toUint80(uint256 value) internal pure returns (uint80) {
if (value > type(uint80).max) {
revert SafeCastOverflowedUintDowncast(80, value);
}
return uint80(value);
}
/**
* @dev Returns the downcasted uint72 from uint256, reverting on
* overflow (when the input is greater than largest uint72).
*
* Counterpart to Solidity's `uint72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toUint72(uint256 value) internal pure returns (uint72) {
if (value > type(uint72).max) {
revert SafeCastOverflowedUintDowncast(72, value);
}
return uint72(value);
}
/**
* @dev Returns the downcasted uint64 from uint256, reverting on
* overflow (when the input is greater than largest uint64).
*
* Counterpart to Solidity's `uint64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toUint64(uint256 value) internal pure returns (uint64) {
if (value > type(uint64).max) {
revert SafeCastOverflowedUintDowncast(64, value);
}
return uint64(value);
}
/**
* @dev Returns the downcasted uint56 from uint256, reverting on
* overflow (when the input is greater than largest uint56).
*
* Counterpart to Solidity's `uint56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toUint56(uint256 value) internal pure returns (uint56) {
if (value > type(uint56).max) {
revert SafeCastOverflowedUintDowncast(56, value);
}
return uint56(value);
}
/**
* @dev Returns the downcasted uint48 from uint256, reverting on
* overflow (when the input is greater than largest uint48).
*
* Counterpart to Solidity's `uint48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toUint48(uint256 value) internal pure returns (uint48) {
if (value > type(uint48).max) {
revert SafeCastOverflowedUintDowncast(48, value);
}
return uint48(value);
}
/**
* @dev Returns the downcasted uint40 from uint256, reverting on
* overflow (when the input is greater than largest uint40).
*
* Counterpart to Solidity's `uint40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toUint40(uint256 value) internal pure returns (uint40) {
if (value > type(uint40).max) {
revert SafeCastOverflowedUintDowncast(40, value);
}
return uint40(value);
}
/**
* @dev Returns the downcasted uint32 from uint256, reverting on
* overflow (when the input is greater than largest uint32).
*
* Counterpart to Solidity's `uint32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toUint32(uint256 value) internal pure returns (uint32) {
if (value > type(uint32).max) {
revert SafeCastOverflowedUintDowncast(32, value);
}
return uint32(value);
}
/**
* @dev Returns the downcasted uint24 from uint256, reverting on
* overflow (when the input is greater than largest uint24).
*
* Counterpart to Solidity's `uint24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toUint24(uint256 value) internal pure returns (uint24) {
if (value > type(uint24).max) {
revert SafeCastOverflowedUintDowncast(24, value);
}
return uint24(value);
}
/**
* @dev Returns the downcasted uint16 from uint256, reverting on
* overflow (when the input is greater than largest uint16).
*
* Counterpart to Solidity's `uint16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toUint16(uint256 value) internal pure returns (uint16) {
if (value > type(uint16).max) {
revert SafeCastOverflowedUintDowncast(16, value);
}
return uint16(value);
}
/**
* @dev Returns the downcasted uint8 from uint256, reverting on
* overflow (when the input is greater than largest uint8).
*
* Counterpart to Solidity's `uint8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toUint8(uint256 value) internal pure returns (uint8) {
if (value > type(uint8).max) {
revert SafeCastOverflowedUintDowncast(8, value);
}
return uint8(value);
}
/**
* @dev Converts a signed int256 into an unsigned uint256.
*
* Requirements:
*
* - input must be greater than or equal to 0.
*/
function toUint256(int256 value) internal pure returns (uint256) {
if (value < 0) {
revert SafeCastOverflowedIntToUint(value);
}
return uint256(value);
}
/**
* @dev Returns the downcasted int248 from int256, reverting on
* overflow (when the input is less than smallest int248 or
* greater than largest int248).
*
* Counterpart to Solidity's `int248` operator.
*
* Requirements:
*
* - input must fit into 248 bits
*/
function toInt248(int256 value) internal pure returns (int248 downcasted) {
downcasted = int248(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(248, value);
}
}
/**
* @dev Returns the downcasted int240 from int256, reverting on
* overflow (when the input is less than smallest int240 or
* greater than largest int240).
*
* Counterpart to Solidity's `int240` operator.
*
* Requirements:
*
* - input must fit into 240 bits
*/
function toInt240(int256 value) internal pure returns (int240 downcasted) {
downcasted = int240(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(240, value);
}
}
/**
* @dev Returns the downcasted int232 from int256, reverting on
* overflow (when the input is less than smallest int232 or
* greater than largest int232).
*
* Counterpart to Solidity's `int232` operator.
*
* Requirements:
*
* - input must fit into 232 bits
*/
function toInt232(int256 value) internal pure returns (int232 downcasted) {
downcasted = int232(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(232, value);
}
}
/**
* @dev Returns the downcasted int224 from int256, reverting on
* overflow (when the input is less than smallest int224 or
* greater than largest int224).
*
* Counterpart to Solidity's `int224` operator.
*
* Requirements:
*
* - input must fit into 224 bits
*/
function toInt224(int256 value) internal pure returns (int224 downcasted) {
downcasted = int224(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(224, value);
}
}
/**
* @dev Returns the downcasted int216 from int256, reverting on
* overflow (when the input is less than smallest int216 or
* greater than largest int216).
*
* Counterpart to Solidity's `int216` operator.
*
* Requirements:
*
* - input must fit into 216 bits
*/
function toInt216(int256 value) internal pure returns (int216 downcasted) {
downcasted = int216(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(216, value);
}
}
/**
* @dev Returns the downcasted int208 from int256, reverting on
* overflow (when the input is less than smallest int208 or
* greater than largest int208).
*
* Counterpart to Solidity's `int208` operator.
*
* Requirements:
*
* - input must fit into 208 bits
*/
function toInt208(int256 value) internal pure returns (int208 downcasted) {
downcasted = int208(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(208, value);
}
}
/**
* @dev Returns the downcasted int200 from int256, reverting on
* overflow (when the input is less than smallest int200 or
* greater than largest int200).
*
* Counterpart to Solidity's `int200` operator.
*
* Requirements:
*
* - input must fit into 200 bits
*/
function toInt200(int256 value) internal pure returns (int200 downcasted) {
downcasted = int200(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(200, value);
}
}
/**
* @dev Returns the downcasted int192 from int256, reverting on
* overflow (when the input is less than smallest int192 or
* greater than largest int192).
*
* Counterpart to Solidity's `int192` operator.
*
* Requirements:
*
* - input must fit into 192 bits
*/
function toInt192(int256 value) internal pure returns (int192 downcasted) {
downcasted = int192(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(192, value);
}
}
/**
* @dev Returns the downcasted int184 from int256, reverting on
* overflow (when the input is less than smallest int184 or
* greater than largest int184).
*
* Counterpart to Solidity's `int184` operator.
*
* Requirements:
*
* - input must fit into 184 bits
*/
function toInt184(int256 value) internal pure returns (int184 downcasted) {
downcasted = int184(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(184, value);
}
}
/**
* @dev Returns the downcasted int176 from int256, reverting on
* overflow (when the input is less than smallest int176 or
* greater than largest int176).
*
* Counterpart to Solidity's `int176` operator.
*
* Requirements:
*
* - input must fit into 176 bits
*/
function toInt176(int256 value) internal pure returns (int176 downcasted) {
downcasted = int176(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(176, value);
}
}
/**
* @dev Returns the downcasted int168 from int256, reverting on
* overflow (when the input is less than smallest int168 or
* greater than largest int168).
*
* Counterpart to Solidity's `int168` operator.
*
* Requirements:
*
* - input must fit into 168 bits
*/
function toInt168(int256 value) internal pure returns (int168 downcasted) {
downcasted = int168(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(168, value);
}
}
/**
* @dev Returns the downcasted int160 from int256, reverting on
* overflow (when the input is less than smallest int160 or
* greater than largest int160).
*
* Counterpart to Solidity's `int160` operator.
*
* Requirements:
*
* - input must fit into 160 bits
*/
function toInt160(int256 value) internal pure returns (int160 downcasted) {
downcasted = int160(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(160, value);
}
}
/**
* @dev Returns the downcasted int152 from int256, reverting on
* overflow (when the input is less than smallest int152 or
* greater than largest int152).
*
* Counterpart to Solidity's `int152` operator.
*
* Requirements:
*
* - input must fit into 152 bits
*/
function toInt152(int256 value) internal pure returns (int152 downcasted) {
downcasted = int152(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(152, value);
}
}
/**
* @dev Returns the downcasted int144 from int256, reverting on
* overflow (when the input is less than smallest int144 or
* greater than largest int144).
*
* Counterpart to Solidity's `int144` operator.
*
* Requirements:
*
* - input must fit into 144 bits
*/
function toInt144(int256 value) internal pure returns (int144 downcasted) {
downcasted = int144(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(144, value);
}
}
/**
* @dev Returns the downcasted int136 from int256, reverting on
* overflow (when the input is less than smallest int136 or
* greater than largest int136).
*
* Counterpart to Solidity's `int136` operator.
*
* Requirements:
*
* - input must fit into 136 bits
*/
function toInt136(int256 value) internal pure returns (int136 downcasted) {
downcasted = int136(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(136, value);
}
}
/**
* @dev Returns the downcasted int128 from int256, reverting on
* overflow (when the input is less than smallest int128 or
* greater than largest int128).
*
* Counterpart to Solidity's `int128` operator.
*
* Requirements:
*
* - input must fit into 128 bits
*/
function toInt128(int256 value) internal pure returns (int128 downcasted) {
downcasted = int128(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(128, value);
}
}
/**
* @dev Returns the downcasted int120 from int256, reverting on
* overflow (when the input is less than smallest int120 or
* greater than largest int120).
*
* Counterpart to Solidity's `int120` operator.
*
* Requirements:
*
* - input must fit into 120 bits
*/
function toInt120(int256 value) internal pure returns (int120 downcasted) {
downcasted = int120(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(120, value);
}
}
/**
* @dev Returns the downcasted int112 from int256, reverting on
* overflow (when the input is less than smallest int112 or
* greater than largest int112).
*
* Counterpart to Solidity's `int112` operator.
*
* Requirements:
*
* - input must fit into 112 bits
*/
function toInt112(int256 value) internal pure returns (int112 downcasted) {
downcasted = int112(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(112, value);
}
}
/**
* @dev Returns the downcasted int104 from int256, reverting on
* overflow (when the input is less than smallest int104 or
* greater than largest int104).
*
* Counterpart to Solidity's `int104` operator.
*
* Requirements:
*
* - input must fit into 104 bits
*/
function toInt104(int256 value) internal pure returns (int104 downcasted) {
downcasted = int104(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(104, value);
}
}
/**
* @dev Returns the downcasted int96 from int256, reverting on
* overflow (when the input is less than smallest int96 or
* greater than largest int96).
*
* Counterpart to Solidity's `int96` operator.
*
* Requirements:
*
* - input must fit into 96 bits
*/
function toInt96(int256 value) internal pure returns (int96 downcasted) {
downcasted = int96(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(96, value);
}
}
/**
* @dev Returns the downcasted int88 from int256, reverting on
* overflow (when the input is less than smallest int88 or
* greater than largest int88).
*
* Counterpart to Solidity's `int88` operator.
*
* Requirements:
*
* - input must fit into 88 bits
*/
function toInt88(int256 value) internal pure returns (int88 downcasted) {
downcasted = int88(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(88, value);
}
}
/**
* @dev Returns the downcasted int80 from int256, reverting on
* overflow (when the input is less than smallest int80 or
* greater than largest int80).
*
* Counterpart to Solidity's `int80` operator.
*
* Requirements:
*
* - input must fit into 80 bits
*/
function toInt80(int256 value) internal pure returns (int80 downcasted) {
downcasted = int80(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(80, value);
}
}
/**
* @dev Returns the downcasted int72 from int256, reverting on
* overflow (when the input is less than smallest int72 or
* greater than largest int72).
*
* Counterpart to Solidity's `int72` operator.
*
* Requirements:
*
* - input must fit into 72 bits
*/
function toInt72(int256 value) internal pure returns (int72 downcasted) {
downcasted = int72(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(72, value);
}
}
/**
* @dev Returns the downcasted int64 from int256, reverting on
* overflow (when the input is less than smallest int64 or
* greater than largest int64).
*
* Counterpart to Solidity's `int64` operator.
*
* Requirements:
*
* - input must fit into 64 bits
*/
function toInt64(int256 value) internal pure returns (int64 downcasted) {
downcasted = int64(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(64, value);
}
}
/**
* @dev Returns the downcasted int56 from int256, reverting on
* overflow (when the input is less than smallest int56 or
* greater than largest int56).
*
* Counterpart to Solidity's `int56` operator.
*
* Requirements:
*
* - input must fit into 56 bits
*/
function toInt56(int256 value) internal pure returns (int56 downcasted) {
downcasted = int56(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(56, value);
}
}
/**
* @dev Returns the downcasted int48 from int256, reverting on
* overflow (when the input is less than smallest int48 or
* greater than largest int48).
*
* Counterpart to Solidity's `int48` operator.
*
* Requirements:
*
* - input must fit into 48 bits
*/
function toInt48(int256 value) internal pure returns (int48 downcasted) {
downcasted = int48(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(48, value);
}
}
/**
* @dev Returns the downcasted int40 from int256, reverting on
* overflow (when the input is less than smallest int40 or
* greater than largest int40).
*
* Counterpart to Solidity's `int40` operator.
*
* Requirements:
*
* - input must fit into 40 bits
*/
function toInt40(int256 value) internal pure returns (int40 downcasted) {
downcasted = int40(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(40, value);
}
}
/**
* @dev Returns the downcasted int32 from int256, reverting on
* overflow (when the input is less than smallest int32 or
* greater than largest int32).
*
* Counterpart to Solidity's `int32` operator.
*
* Requirements:
*
* - input must fit into 32 bits
*/
function toInt32(int256 value) internal pure returns (int32 downcasted) {
downcasted = int32(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(32, value);
}
}
/**
* @dev Returns the downcasted int24 from int256, reverting on
* overflow (when the input is less than smallest int24 or
* greater than largest int24).
*
* Counterpart to Solidity's `int24` operator.
*
* Requirements:
*
* - input must fit into 24 bits
*/
function toInt24(int256 value) internal pure returns (int24 downcasted) {
downcasted = int24(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(24, value);
}
}
/**
* @dev Returns the downcasted int16 from int256, reverting on
* overflow (when the input is less than smallest int16 or
* greater than largest int16).
*
* Counterpart to Solidity's `int16` operator.
*
* Requirements:
*
* - input must fit into 16 bits
*/
function toInt16(int256 value) internal pure returns (int16 downcasted) {
downcasted = int16(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(16, value);
}
}
/**
* @dev Returns the downcasted int8 from int256, reverting on
* overflow (when the input is less than smallest int8 or
* greater than largest int8).
*
* Counterpart to Solidity's `int8` operator.
*
* Requirements:
*
* - input must fit into 8 bits
*/
function toInt8(int256 value) internal pure returns (int8 downcasted) {
downcasted = int8(value);
if (downcasted != value) {
revert SafeCastOverflowedIntDowncast(8, value);
}
}
/**
* @dev Converts an unsigned uint256 into a signed int256.
*
* Requirements:
*
* - input must be less than or equal to maxInt256.
*/
function toInt256(uint256 value) internal pure returns (int256) {
// Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
if (value > uint256(type(int256).max)) {
revert SafeCastOverflowedUintToInt(value);
}
return int256(value);
}
/**
* @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
*/
function toUint(bool b) internal pure returns (uint256 u) {
assembly ("memory-safe") {
u := iszero(iszero(b))
}
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import {IERC20} from "@openzeppelin/contracts/interfaces/IERC20.sol";
import {AscendantAuction} from "@core/AscendantAuction.sol";
import {Ascendant} from "@core/Ascendant.sol";
interface IAscendantBuyAndBurn {
function distributeTitanXForBurning(uint256 _amount) external;
}
interface IAscendantNFTMinting {
function claim(uint256 _tokenId, address _receiver) external;
}
interface IAscendant is IERC20 {
/* == ERRORS == */
error Ascendant__OnlyAuction();
/* == VIEW FUNCTIONS == */
function auction() external view returns (AscendantAuction);
function buyAndBurn() external view returns (IAscendantBuyAndBurn);
function pool() external view returns (address);
/* == EXTERNAL FUNCTIONS == */
function burn(uint256 amount) external;
function emitForAuction() external returns (uint256 emitted);
function emitForLp() external returns (uint256 emitted);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturnBool} that reverts if call fails to meet the requirements.
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
let success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
// bubble errors
if iszero(success) {
let ptr := mload(0x40)
returndatacopy(ptr, 0, returndatasize())
revert(ptr, returndatasize())
}
returnSize := returndatasize()
returnValue := mload(0)
}
if (returnSize == 0 ? address(token).code.length == 0 : returnValue != 1) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silently catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
bool success;
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
returnSize := returndatasize()
returnValue := mload(0)
}
return success && (returnSize == 0 ? address(token).code.length > 0 : returnValue == 1);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
contract Errors {
/// @notice Error thrown when an address is the zero address.
error Address0();
/// @notice Error thrown when the caller is not an EOA.
error OnlyEOA();
/// @notice Error thrown when an amount is zero.
error Amount0();
/// @notice Error thrown when an operation is attempted after the specified deadline.
error Expired();
/// @notice Error thrown when one value is greater than another.
/// @param a The first value that is greater than the second value.
/// @param b The second value which is smaller or equal to the first value.
error GreaterThan(uint256 a, uint256 b);
/**
* @notice Modifier to prevent operations with a zero amount.
* @dev Throws an `Amount0` error if the provided amount is zero.
* @param a The amount to be checked.
*/
modifier notAmount0(uint256 a) {
require(a != 0, Amount0());
_;
}
/**
* @notice Modifier to ensure a function is called before a specified deadline.
* @dev Throws an `Expired` error if the current block timestamp exceeds the provided deadline.
* @param _deadline The deadline timestamp by which the function must be called.
*/
modifier notExpired(uint32 _deadline) {
require(block.timestamp <= _deadline, Expired());
_;
}
/**
* @notice Modifier to prevent operations with the zero address.
* @dev Throws an `Address0` error if the provided address is the zero address.
* @param a The address to be checked.
*/
modifier notAddress0(address a) {
require(a != address(0), Address0());
_;
}
/**
* @notice Modifier to ensure the second value is not greater than the first.
* @dev Throws a `GreaterThan` error if `b` is smaller than `a`.
* @param a The first value to be compared.
* @param b The second value to be compared.
*/
modifier notGt(uint256 a, uint256 b) {
require(b >= a, GreaterThan(a, b));
_;
}
/**
* @notice Modifier to prevent operations when the caller is not an EOA.
* @dev Throws an `OnlyEOA` error if the caller is not an EOA.
*/
modifier onlyEOA() {
require(msg.sender.code.length == 0 && tx.origin == msg.sender, OnlyEOA());
_;
}
function _onlyEOA() internal view {
require(msg.sender.code.length == 0 && tx.origin == msg.sender, OnlyEOA());
}
function _notGt(uint256 a, uint256 b) internal pure {
require(b >= a, GreaterThan(a, b));
}
function _notAddress0(address a) internal pure {
require(a != address(0), Address0());
}
function _notExpired(uint32 _deadline) internal view {
require(block.timestamp <= _deadline, Expired());
}
function _notAmount0(uint256 a) internal pure {
require(a != 0, Amount0());
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
library Time {
///@notice The cut-off time in seconds from the start of the day for a day turnover, equivalent to 14 hours (50,400 seconds).
uint32 constant TURN_OVER_TIME = 50400;
///@notice The total number of seconds in a day.
uint32 constant SECONDS_PER_DAY = 86400;
/**
* @notice Returns the current block timestamp.
* @dev This function retrieves the timestamp using assembly for gas efficiency.
* @return ts The current block timestamp.
*/
function blockTs() internal view returns (uint32 ts) {
assembly {
ts := timestamp()
}
}
/**
* @notice Calculates the number of weeks passed since a given timestamp.
* @dev Uses assembly to retrieve the current timestamp and calculates the number of turnover time periods passed.
* @param t The starting timestamp.
* @return weeksPassed The number of weeks that have passed since the provided timestamp.
*/
function weekSince(uint32 t) internal view returns (uint32 weeksPassed) {
assembly {
let currentTime := timestamp()
let timeElapsed := sub(currentTime, t)
weeksPassed := div(timeElapsed, TURN_OVER_TIME)
}
}
/**
* @notice Calculates the number of full days between two timestamps.
* @dev Subtracts the start time from the end time and divides by the seconds per day.
* @param start The starting timestamp.
* @param end The ending timestamp.
* @return daysPassed The number of full days between the two timestamps.
*/
function dayGap(uint32 start, uint256 end) public pure returns (uint32 daysPassed) {
assembly {
daysPassed := div(sub(end, start), SECONDS_PER_DAY)
}
}
function weekDayByT(uint32 t) public pure returns (uint8 weekDay) {
assembly {
// Subtract 14 hours from the timestamp
let adjustedTimestamp := sub(t, TURN_OVER_TIME)
// Divide by the number of seconds in a day (86400)
let days := div(adjustedTimestamp, SECONDS_PER_DAY)
// Add 4 to align with weekday and calculate mod 7
let result := mod(add(days, 4), 7)
// Store result as uint8
weekDay := result
}
}
/**
* @notice Calculates the end of the day at 1 PM UTC based on a given timestamp.
* @dev Adjusts the provided timestamp by subtracting the turnover time, calculates the next day's timestamp at 1 PM UTC.
* @param t The starting timestamp.
* @return nextDayStartAt1PM The timestamp for the next day ending at 1 PM UTC.
*/
function getDayEnd(uint32 t) public pure returns (uint32 nextDayStartAt1PM) {
// Adjust the timestamp to the cutoff time (1 PM UTC)
uint32 adjustedTime = t - TURN_OVER_TIME;
// Calculate the number of days since Unix epoch
uint32 daysSinceEpoch = adjustedTime / SECONDS_PER_DAY;
// Calculate the start of the next day at 1 PM UTC
nextDayStartAt1PM = (daysSinceEpoch + 1) * SECONDS_PER_DAY + TURN_OVER_TIME;
}
///@notice Gets the the day count from a timestamp
function dayCountByT(uint32 t) internal pure returns (uint32 dayCount) {
assembly {
let adjustedTime := sub(t, TURN_OVER_TIME)
dayCount := div(adjustedTime, SECONDS_PER_DAY)
}
}
function daysSince(uint32 t) public view returns (uint32 daysPassed) {
assembly {
// Get the current block timestamp
let currentTime := timestamp()
daysPassed := div(sub(currentTime, t), SECONDS_PER_DAY)
}
}
/**
* @notice Calculates days between two timestamps
* @param since Start timestamp
* @param from End timestamp
* @return daysPassed Number of days between timestamps
*/
function daysSinceAndFrom(uint32 since, uint32 from) public pure returns (uint32 daysPassed) {
assembly {
daysPassed := div(sub(from, since), SECONDS_PER_DAY)
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity 0.8.27;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/// @title Interface for WETH9
interface IWETH9 is IERC20 {
/// @notice Deposit ether to get wrapped ether
function deposit() external payable;
/// @notice Withdraw wrapped ether to get ether
function withdraw(uint256) external;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity ^0.8.0;
/// @title Math library for computing sqrt prices from ticks and vice versa
/// @notice Computes sqrt price for ticks of size 1.0001, i.e. sqrt(1.0001^tick) as fixed point Q64.96 numbers. Supports
/// prices between 2**-128 and 2**128
library TickMath {
error T();
error R();
/// @dev The minimum tick that may be passed to #getSqrtRatioAtTick computed from log base 1.0001 of 2**-128
int24 internal constant MIN_TICK = -887272;
/// @dev The maximum tick that may be passed to #getSqrtRatioAtTick computed from log base 1.0001 of 2**128
int24 internal constant MAX_TICK = -MIN_TICK;
/// @dev The minimum value that can be returned from #getSqrtRatioAtTick. Equivalent to getSqrtRatioAtTick(MIN_TICK)
uint160 internal constant MIN_SQRT_RATIO = 4295128739;
/// @dev The maximum value that can be returned from #getSqrtRatioAtTick. Equivalent to getSqrtRatioAtTick(MAX_TICK)
uint160 internal constant MAX_SQRT_RATIO = 1461446703485210103287273052203988822378723970342;
/// @notice Calculates sqrt(1.0001^tick) * 2^96
/// @dev Throws if |tick| > max tick
/// @param tick The input tick for the above formula
/// @return sqrtPriceX96 A Fixed point Q64.96 number representing the sqrt of the ratio of the two assets (token1/token0)
/// at the given tick
function getSqrtRatioAtTick(int24 tick) internal pure returns (uint160 sqrtPriceX96) {
unchecked {
uint256 absTick = tick < 0 ? uint256(-int256(tick)) : uint256(int256(tick));
if (absTick > uint256(int256(MAX_TICK))) revert T();
uint256 ratio = absTick & 0x1 != 0
? 0xfffcb933bd6fad37aa2d162d1a594001
: 0x100000000000000000000000000000000;
if (absTick & 0x2 != 0) ratio = (ratio * 0xfff97272373d413259a46990580e213a) >> 128;
if (absTick & 0x4 != 0) ratio = (ratio * 0xfff2e50f5f656932ef12357cf3c7fdcc) >> 128;
if (absTick & 0x8 != 0) ratio = (ratio * 0xffe5caca7e10e4e61c3624eaa0941cd0) >> 128;
if (absTick & 0x10 != 0) ratio = (ratio * 0xffcb9843d60f6159c9db58835c926644) >> 128;
if (absTick & 0x20 != 0) ratio = (ratio * 0xff973b41fa98c081472e6896dfb254c0) >> 128;
if (absTick & 0x40 != 0) ratio = (ratio * 0xff2ea16466c96a3843ec78b326b52861) >> 128;
if (absTick & 0x80 != 0) ratio = (ratio * 0xfe5dee046a99a2a811c461f1969c3053) >> 128;
if (absTick & 0x100 != 0) ratio = (ratio * 0xfcbe86c7900a88aedcffc83b479aa3a4) >> 128;
if (absTick & 0x200 != 0) ratio = (ratio * 0xf987a7253ac413176f2b074cf7815e54) >> 128;
if (absTick & 0x400 != 0) ratio = (ratio * 0xf3392b0822b70005940c7a398e4b70f3) >> 128;
if (absTick & 0x800 != 0) ratio = (ratio * 0xe7159475a2c29b7443b29c7fa6e889d9) >> 128;
if (absTick & 0x1000 != 0) ratio = (ratio * 0xd097f3bdfd2022b8845ad8f792aa5825) >> 128;
if (absTick & 0x2000 != 0) ratio = (ratio * 0xa9f746462d870fdf8a65dc1f90e061e5) >> 128;
if (absTick & 0x4000 != 0) ratio = (ratio * 0x70d869a156d2a1b890bb3df62baf32f7) >> 128;
if (absTick & 0x8000 != 0) ratio = (ratio * 0x31be135f97d08fd981231505542fcfa6) >> 128;
if (absTick & 0x10000 != 0) ratio = (ratio * 0x9aa508b5b7a84e1c677de54f3e99bc9) >> 128;
if (absTick & 0x20000 != 0) ratio = (ratio * 0x5d6af8dedb81196699c329225ee604) >> 128;
if (absTick & 0x40000 != 0) ratio = (ratio * 0x2216e584f5fa1ea926041bedfe98) >> 128;
if (absTick & 0x80000 != 0) ratio = (ratio * 0x48a170391f7dc42444e8fa2) >> 128;
if (tick > 0) ratio = type(uint256).max / ratio;
// this divides by 1<<32 rounding up to go from a Q128.128 to a Q128.96.
// we then downcast because we know the result always fits within 160 bits due to our tick input constraint
// we round up in the division so getTickAtSqrtRatio of the output price is always consistent
sqrtPriceX96 = uint160((ratio >> 32) + (ratio % (1 << 32) == 0 ? 0 : 1));
}
}
/// @notice Calculates the greatest tick value such that getRatioAtTick(tick) <= ratio
/// @dev Throws in case sqrtPriceX96 < MIN_SQRT_RATIO, as MIN_SQRT_RATIO is the lowest value getRatioAtTick may
/// ever return.
/// @param sqrtPriceX96 The sqrt ratio for which to compute the tick as a Q64.96
/// @return tick The greatest tick for which the ratio is less than or equal to the input ratio
function getTickAtSqrtRatio(uint160 sqrtPriceX96) internal pure returns (int24 tick) {
unchecked {
// second inequality must be < because the price can never reach the price at the max tick
if (!(sqrtPriceX96 >= MIN_SQRT_RATIO && sqrtPriceX96 < MAX_SQRT_RATIO)) revert R();
uint256 ratio = uint256(sqrtPriceX96) << 32;
uint256 r = ratio;
uint256 msb = 0;
assembly {
let f := shl(7, gt(r, 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(6, gt(r, 0xFFFFFFFFFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(5, gt(r, 0xFFFFFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(4, gt(r, 0xFFFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(3, gt(r, 0xFF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(2, gt(r, 0xF))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := shl(1, gt(r, 0x3))
msb := or(msb, f)
r := shr(f, r)
}
assembly {
let f := gt(r, 0x1)
msb := or(msb, f)
}
if (msb >= 128) r = ratio >> (msb - 127);
else r = ratio << (127 - msb);
int256 log_2 = (int256(msb) - 128) << 64;
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(63, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(62, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(61, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(60, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(59, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(58, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(57, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(56, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(55, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(54, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(53, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(52, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(51, f))
r := shr(f, r)
}
assembly {
r := shr(127, mul(r, r))
let f := shr(128, r)
log_2 := or(log_2, shl(50, f))
}
int256 log_sqrt10001 = log_2 * 255738958999603826347141; // 128.128 number
int24 tickLow = int24((log_sqrt10001 - 3402992956809132418596140100660247210) >> 128);
int24 tickHi = int24((log_sqrt10001 + 291339464771989622907027621153398088495) >> 128);
tick = tickLow == tickHi ? tickLow : getSqrtRatioAtTick(tickHi) <= sqrtPriceX96 ? tickHi : tickLow;
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Errors} from "@utils/Errors.sol";
import {wmul, min} from "@utils/Math.sol";
import {PoolAddress} from "@libs/PoolAddress.sol";
import {OracleLibrary} from "@libs/OracleLibrary.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {Ownable2Step, Ownable} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {TickMath} from "@uniswap/v3-core/contracts/libraries/TickMath.sol";
import {ISwapRouter} from "@uniswap/v3-periphery/contracts/interfaces/ISwapRouter.sol";
/// @notice Struct representing slippage settings for a pool.
struct Slippage {
uint224 slippage; //< Slippage in WAD (scaled by 1e18)
uint32 twapLookback; //< TWAP lookback period in minutes (used as seconds in code)
}
struct SwapActionParams {
address _v3Router;
address _v3Factory;
address _owner;
}
/**
* @title SwapActions
* @notice A contract that facilitates token swapping on Uniswap V3 with slippage management.
* @dev Uses Uniswap V3 Router and Oracle libraries for swap actions and TWAP calculations.
*/
contract SwapActions is Ownable2Step, Errors {
/// @notice Address of the Uniswap V3 Router
address public immutable uniswapV3Router;
/// @notice Address of the Uniswap V3 Factory
address public immutable v3Factory;
/// @notice Address of the admin responsible for managing slippage
address public slippageAdmin;
/// @notice Mapping of pool addresses to their respective slippage settings
mapping(address pool => Slippage) public slippageConfigs;
/// @notice Thrown when an invalid slippage is provided
error SwapActions__InvalidSlippage();
/// @notice Thrown when a non-admin/non-owner attempts to perform slippage actions
error SwapActions__OnlySlippageAdmin();
/// @notice Thrown when an invalid TWA lookback is passed
error SwapActions__InvalidLookBack();
event SlippageAdminChanged(address indexed oldAdmin, address indexed newAdmin);
event SlippageConfigChanged(address indexed pool, uint224 indexed newSlippage, uint32 indexed newLookback);
/**
* @dev Ensures the caller is either the slippage admin or the contract owner.
*/
modifier onlySlippageAdminOrOwner() {
_onlySlippageAdminOrOwner();
_;
}
/**
* @param params The aprams to initialize the SwapAcitons contract.
*/
constructor(SwapActionParams memory params) Ownable(params._owner) {
uniswapV3Router = params._v3Router;
v3Factory = params._v3Factory;
slippageAdmin = params._owner;
}
/**
* @notice Change the address of the slippage admin.
* @param _new New slippage admin address.
* @dev Only callable by the contract owner.
*/
function changeSlippageAdmin(address _new) external notAddress0(_new) onlyOwner {
emit SlippageAdminChanged(slippageAdmin, _new);
slippageAdmin = _new;
}
/**
* @notice Change slippage configuration for a specific pool.
* @param pool Address of the Uniswap V3 pool.
* @param _newSlippage New slippage value (in WAD).
* @param _newLookBack New TWAP lookback period (in minutes).
* @dev Only callable by the slippage admin or the owner.
*/
function changeSlippageConfig(address pool, uint224 _newSlippage, uint32 _newLookBack)
external
notAmount0(_newLookBack)
onlySlippageAdminOrOwner
{
require(_newLookBack >= 5 && _newLookBack <= 30, SwapActions__InvalidLookBack());
require(_newSlippage <= WAD, SwapActions__InvalidSlippage());
emit SlippageConfigChanged(pool, _newSlippage, _newLookBack);
slippageConfigs[pool] = Slippage({slippage: _newSlippage, twapLookback: _newLookBack});
}
/**
* @notice Perform an exact input swap on Uniswap V3.
* @param tokenIn Address of the input token.
* @param tokenOut Address of the output token.
* @param tokenInAmount Amount of the input token to swap.
* @param minAmountOut Optional minimum amount out, if it's 0 it uses the twap
* @param deadline Deadline timestamp for the swap.
* @return amountReceived Amount of the output token received.
* @dev The function uses the TWAP (Time-Weighted Average Price) to ensure the swap is performed within slippage tolerance.
*/
function swapExactInput(
address tokenIn,
address tokenOut,
uint256 tokenInAmount,
uint256 minAmountOut,
uint32 deadline
) internal returns (uint256 amountReceived) {
IERC20(tokenIn).approve(uniswapV3Router, tokenInAmount);
bytes memory path = abi.encodePacked(tokenIn, POOL_FEE, tokenOut);
(uint256 twapAmount, uint224 slippage) = getTwapAmount(tokenIn, tokenOut, tokenInAmount);
uint256 minAmount = minAmountOut == 0 ? wmul(twapAmount, slippage) : minAmountOut;
ISwapRouter.ExactInputParams memory params = ISwapRouter.ExactInputParams({
path: path,
recipient: address(this),
deadline: deadline,
amountIn: tokenInAmount,
amountOutMinimum: minAmount
});
return ISwapRouter(uniswapV3Router).exactInput(params);
}
/**
* @notice Get the TWAP (Time-Weighted Average Price) and slippage for a given token pair.
* @param tokenIn Address of the input token.
* @param tokenOut Address of the output token.
* @param amount Amount of the input token.
* @return twapAmount The TWAP amount of the output token for the given input.
* @return slippage The slippage tolerance for the pool.
*/
function getTwapAmount(address tokenIn, address tokenOut, uint256 amount)
public
view
returns (uint256 twapAmount, uint224 slippage)
{
address poolAddress = PoolAddress.computeAddress(v3Factory, PoolAddress.getPoolKey(tokenIn, tokenOut, POOL_FEE));
Slippage memory slippageConfig = slippageConfigs[poolAddress];
if (slippageConfig.twapLookback == 0 && slippageConfig.slippage == 0) {
slippageConfig = Slippage({twapLookback: 15, slippage: WAD - 0.2e18});
}
uint32 secondsAgo = slippageConfig.twapLookback * 60;
uint32 oldestObservation = OracleLibrary.getOldestObservationSecondsAgo(poolAddress);
if (oldestObservation < secondsAgo) secondsAgo = oldestObservation;
(int24 arithmeticMeanTick,) = OracleLibrary.consult(poolAddress, secondsAgo);
uint160 sqrtPriceX96 = TickMath.getSqrtRatioAtTick(arithmeticMeanTick);
slippage = slippageConfig.slippage;
twapAmount = OracleLibrary.getQuoteForSqrtRatioX96(sqrtPriceX96, amount, tokenIn, tokenOut);
}
/**
* @dev Internal function to check if the caller is the slippage admin or contract owner.
*/
function _onlySlippageAdminOrOwner() private view {
require(msg.sender == slippageAdmin || msg.sender == owner(), SwapActions__OnlySlippageAdmin());
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import "@const/Constants.sol";
import {Time} from "@utils/Time.sol";
import {Errors} from "@utils/Errors.sol";
import {wdiv, wmul} from "@utils/Math.sol";
import {IAscendant} from "@interfaces/IAscendant.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ERC721URIStorage} from "@openzeppelin/contracts/token/ERC721/extensions/ERC721URIStorage.sol";
/**
* @title AscendantNFTMinting
* @author Decentra
* @notice A contract for minting, burning, and managing Ascendant NFTs with reward distribution
* @dev Inherits from ERC721 and Errors contracts
* Main features:
* - NFT minting with multiple tiers
* - Reward distribution across different time pools
* - NFT fusion mechanism
* - Batch operations for minting, claiming, and burning
*/
contract AscendantNFTMinting is ERC721URIStorage, Ownable, Errors {
using SafeERC20 for IERC20;
using Math for uint256;
//===========STRUCTS===========//
/**
* @notice Record of user's NFT position and rewards
* @param shares Amount of shares owned by the NFT
* @param lockedAscendant Amount of Ascendant tokens locked in the NFT
* @param rewardDebt Used to calculate correct reward distribution
* @param startTime Timestamp when the NFT was minted
* @param endTime Timestamp when the lock period ends
*/
struct UserRecord {
uint256 shares;
uint256 lockedAscendant;
uint256 rewardDebt;
uint32 startTime;
uint32 endTime;
}
/**
* @notice Attributes associated with each NFT
* @param rarityNumber Pseudo-random number generated during minting
* @param tier NFT tier level (1-8)
* @param NftRarity NFT rarity level (COMMON, RARE, LEGENDARY)
*/
struct NftAttributes {
uint256 rarityNumber;
uint8 tier;
Rarity rarity;
}
//===========ENUMS===========//
/**
* @notice Different reward distribution pools based on time periods
* @param DAY8 8-day reward distribution pool
* @param DAY28 28-day reward distribution pool
* @param DAY90 90-day reward distribution pool
*/
enum POOLS {
DAY8,
DAY28,
DAY90
}
/**
* @notice NFT Rarity levels for NFTs
* @param COMMON Basic NFT rarity level (Tiers 1-4)
* @param RARE Medium NFT rarity level (Tiers 5-7)
* @param LEGENDARY Highest NFT rarity level (Tier 8)
*/
enum Rarity {
COMMON,
RARE,
LEGENDARY
}
//=========IMMUTABLE=========//
IAscendant immutable ascendant;
IERC20 immutable dragonX;
//===========STATE===========//
uint256 public totalShares;
uint256 public tokenId;
uint256 public rewardPerShare;
uint32 public startTimestamp;
uint32 public lastDistributedDay;
address public ascendantPride;
string[10][8] public tokenURIs;
/**
* @notice Mapping of reward pools to their pending distribution amounts
*/
mapping(POOLS => uint256) public toDistribute;
/**
* @notice Mapping of token IDs to their user records
*/
mapping(uint256 id => UserRecord record) public userRecords;
/**
* @notice Mapping of token IDs to their NFT attributes
*/
mapping(uint256 => NftAttributes) public nftAttributes;
//==========ERRORS==========//
error AscendantMinting__FusionTokenIdsCannotBeTheSame();
error AscendantMinting__InvalidNFTOwner();
error AscendantMinting__InvalidTokenID(uint256 _tokenId);
error AscendantMinting__AmountForNewMintNotReached();
error AscendantMinting__ExpiredNFT();
error AscendantMinting__TierOfNFTsMustBeTheSame();
error AscendantMinting__MaxTierReached();
error AscendantMinting__InitialLockPeriod();
error AscendantMinting__InvalidDuration();
error AscendantMinting__NoSharesToClaim();
error AscendantMinting__LockPeriodNotOver();
error AscendantMinting__OnlyMintingAndBurning();
error AscendantMinting__InvalidNftCount();
error AscendantMinting__MaxBatchNftThresholdReached();
error AscendantMinting__TierAmountMismatch();
error AscendantMinting__InvalidLegendaryTierImageIndex();
//==========EVENTS==========//
/**
* @notice Emitted when a new NFT is minted
* @param minter Address that minted the NFT
* @param ascendant Amount of Ascendant tokens locked
* @param id Token ID of the minted NFT
* @param _shares Number of shares assigned to the NFT
*/
event Minted(address indexed minter, uint256 indexed ascendant, uint256 indexed id, uint256 _shares);
/**
* @notice Emitted when an NFT is burned
* @param shares Amount of shares burned
* @param ascendantAmountReceived Amount of Ascendant tokens returned
* @param _tokenId Token ID of the burned NFT
* @param recepient Address receiving the Ascendant tokens
*/
event Burnt(
uint256 indexed shares, uint256 indexed ascendantAmountReceived, uint256 indexed _tokenId, address recepient
);
/**
* @notice Emitted when an NFT is burned during fusion
* @param shares Amount of shares fusion burned
* @param _tokenId Token ID of the fusion burned NFT
* @param recepient Address receiving the Ascendant tokens
*/
event FusionBurnt(uint256 indexed shares, uint256 indexed _tokenId, address recepient);
/**
* @notice Event emitted when rewards are claimed for an NFT
* @param id The token ID of the NFT
* @param rewards Amount of rewards claimed
* @param newRewardDebt Updated reward debt after claiming
* @param ownerOfMint Address of the NFT owner
*/
event Claimed(uint256 indexed id, uint256 indexed rewards, uint256 indexed newRewardDebt, address ownerOfMint);
/**
* @notice Event emitted when rewards are distributed to a pool
* @param pool The pool receiving the distribution (DAY8, DAY28, or DAY90)
* @param amount Amount of tokens distributed
*/
event Distributed(POOLS indexed pool, uint256 indexed amount);
/**
* @notice Event emitted when NFT attributes are generated
* @param tokenId The ID of the NFT
* @param nftAttribute Random number generated for the NFT
* @param nftTier Tier level of the NFT
*/
event AscendantMinting__NFTAttributeGenerated(uint256 tokenId, uint256 nftAttribute, uint64 nftTier);
/**
* @notice Event emitted when two NFTs are fused
* @param firstTokenId ID of the first NFT being fused
* @param secondTokenId ID of the second NFT being fused
* @param newTokenId ID of the newly created NFT
* @param shares Number of shares assigned to the new NFT
* @param oldTier Tier level of the original NFTs
* @param newTier Tier level of the newly created NFT
*/
event NFTFusion(
uint256 indexed firstTokenId,
uint256 indexed secondTokenId,
uint256 indexed newTokenId,
uint256 shares,
uint8 oldTier,
uint8 newTier
);
//==========CONSTRUCTOR==========//
/**
* @param _dragonX Address of the DragonX token contract
* @param _ascendant Address of the Ascendant token contract
* @param _ascendantPride Address of the AscendantPride contract
* @param _startTimestamp Timestamp when the contract becomes operational
*/
constructor(address _dragonX, address _ascendant, address _ascendantPride, uint32 _startTimestamp, string[10][8] memory _tokenURIs)
ERC721("Ascendant.win", "ASCNFT")
Ownable(msg.sender)
{
startTimestamp = _startTimestamp;
ascendant = IAscendant(_ascendant);
dragonX = IERC20(_dragonX);
ascendantPride = _ascendantPride;
lastDistributedDay = 1;
tokenURIs = _tokenURIs;
}
//==========================//
//==========PUBLIC==========//
//==========================//
/**
* @notice Returns metadata URI for given token ID
* @dev Overrides ERC721URIStorage tokenURI()
*/
function tokenURI(uint256 _tokenId) public view override returns (string memory) {
address owner = _ownerOf(_tokenId);
if (owner == address(0)) {
revert AscendantMinting__InvalidTokenID(_tokenId);
}
NftAttributes memory currentNftAttributes = nftAttributes[_tokenId];
return tokenURIs[currentNftAttributes.tier - 1][currentNftAttributes.rarityNumber];
}
/**
* @notice Burns an NFT and returns locked Ascendant tokens
* @param _tokenId ID of the NFT to burn
* @param _receiver Address to receive the Ascendant tokens
* @dev Requires lock period to be over
*/
function burn(uint256 _tokenId, address _receiver) public notAddress0(_receiver) notAmount0(_tokenId) {
UserRecord memory record = userRecords[_tokenId];
if (record.shares == 0) revert AscendantMinting__NoSharesToClaim();
if (record.endTime > Time.blockTs()) revert AscendantMinting__LockPeriodNotOver();
_normalClaimAndBurn(_tokenId, _receiver);
}
/**
* @notice Claims accumulated rewards for an NFT
* @param _tokenId ID of the NFT to claim rewards for
* @param _receiver Address to receive the rewards
*/
function claim(uint256 _tokenId, address _receiver) public notAddress0(_receiver) notAmount0(_tokenId) {
isApprovedOrOwner(_tokenId, msg.sender);
_claim(_tokenId, _receiver);
}
/**
* @notice Updates rewards across all pools if conditions are met
* @dev Checks and distributes rewards for 8-day, 28-day, and 90-day pools
*/
function updateRewardsIfNecessary() public {
if (totalShares == 0) return;
uint32 currentDay = _getCurrentDay();
// Calculate how many periods have passed for each interval
bool distributeDay8 = (currentDay / 8 > lastDistributedDay / 8);
bool distributeDay28 = (currentDay / 28 > lastDistributedDay / 28);
bool distributeDay90 = (currentDay / 90 > lastDistributedDay / 90);
// Distribute for the 8-day pool if necessary
if (distributeDay8) _updateRewards(POOLS.DAY8, toDistribute);
// Distribute for the 28-day pool if necessary
if (distributeDay28) _updateRewards(POOLS.DAY28, toDistribute);
// Distribute for the 90-day pool if necessary
if (distributeDay90) _updateRewards(POOLS.DAY90, toDistribute);
// Update the last distributed day to the current day
lastDistributedDay = currentDay;
}
/**
* @notice Verifies if an address is authorized to handle a token
* @param _tokenId The ID of the token to check
* @param _spender The address to verify authorization for
* @dev Wraps _checkAuthorized function from ERC721
*/
function isApprovedOrOwner(uint256 _tokenId, address _spender) public view {
_checkAuthorized(ownerOf(_tokenId), _spender, _tokenId);
}
/**
* @notice Retrieves Ascendant token amount and tier percentage based on tier
* @param _tier The tier level to get data for
* @return tierValue The amount of Ascendant tokens required for the tier
* @return multiplier The percentage multiplier for the tier (Ranging from 1.01e18 to 1.08e18)
* @dev Reverts if tier is invalid
*/
function getAscendantDataBasedOnTier(uint8 _tier) public pure returns (uint256 tierValue, uint64 multiplier) {
require(_tier >= TIER_1 && _tier <= TIER_8, AscendantMinting__TierAmountMismatch());
tierValue = ASCENDANT_TIER_1 << (_tier - 1); // Multiplies ASCENDANT_TIER_1 by 2^(_tier - 1)
multiplier = WAD + (uint64(_tier) * 1e16); // WAD = 1e18, adds 0.01e18 per tier
}
//==========================//
//==========EXTERNAL========//
//==========================//
/**
* @notice Allows the contract owner to update the image URIs
* @param _newTokenURIs New array of image URIs to set
* @dev Must maintain the same structure: 8 tiers with 10 images each
*/
function setTokenURIs(string[10][8] memory _newTokenURIs) external onlyOwner {
tokenURIs = _newTokenURIs;
emit BatchMetadataUpdate(0, type(uint256).max); // because it is required for OpenSea metadata update
}
/**
* @notice Allows the contract owner to update a single token URI
* @param _tier The tier level to update (1-8)
* @param _index The index within the tier to update (0-9)
* @param _newUri The new image URI to set
* @dev Tier is 1-based but storage array is 0-based
*/
function setSingleTokenURI(
uint8 _tier,
uint256 _index,
string memory _newUri
) external onlyOwner {
require(_tier >= 1 && _tier <= 8, "Invalid tier");
require(_index < 10, "Invalid index");
// tier - 1 because array is 0-based
tokenURIs[_tier - 1][_index] = _newUri;
emit BatchMetadataUpdate(0, type(uint256).max); // because it is required for OpenSea metadata update
}
/**
* @notice Mints multiple NFTs of the same tier
* @param _numOfNfts Number of NFTs to mint
* @param _ascendantTier Tier level for all NFTs
* @return tokenIds Array of minted token IDs
* @return batchMintTotalShares Total shares assigned across all minted NFTs
*/
function batchMint(uint8 _numOfNfts, uint8 _ascendantTier)
public
notAmount0(_numOfNfts)
notAmount0(_ascendantTier)
returns (uint256[] memory tokenIds, uint256 batchMintTotalShares)
{
tokenIds = new uint256[](_numOfNfts);
for (uint8 i = 0; i < _numOfNfts; i++) {
(uint256 _tokenId, uint256 shares) = mint(_ascendantTier);
tokenIds[i] = _tokenId;
batchMintTotalShares += shares;
}
return (tokenIds, batchMintTotalShares);
}
/**
* @notice Mints a new NFT with the specified tier
* @param _tier Tier level for the new NFT
* @return _tokenId The ID of the newly minted NFT
* @return shares The number of shares assigned to the NFT
* @dev Transfers required Ascendant tokens from sender, creates NFT attributes, and updates total shares
*/
function mint(uint8 _tier) public notAmount0(_tier) returns (uint256 _tokenId, uint256 shares) {
(uint256 _ascendantAmount, uint64 _ascendantTierPercentage) = getAscendantDataBasedOnTier(_tier);
updateRewardsIfNecessary();
_tokenId = ++tokenId;
shares = wmul(_ascendantAmount, _ascendantTierPercentage);
userRecords[_tokenId] = UserRecord({
startTime: Time.blockTs(),
endTime: Time.blockTs() + MIN_DURATION,
shares: shares,
rewardDebt: rewardPerShare,
lockedAscendant: _ascendantAmount
});
_generateNFTAttribute(_tokenId, _tier);
totalShares += shares;
ascendant.transferFrom(msg.sender, address(this), _ascendantAmount);
emit Minted(msg.sender, _ascendantAmount, _tokenId, shares);
_mint(msg.sender, _tokenId);
emit MetadataUpdate(_tokenId); // because OpenSea listens for this type of events and once detected OpenSea refreshes the data
}
/**
* @notice Calculates total claimable rewards for multiple NFTs
* @param _ids Array of NFT IDs to check
* @return toClaim Total amount of rewards claimable
*/
function batchClaimableAmount(uint256[] calldata _ids) external view returns (uint256 toClaim) {
uint32 currentDay = _getCurrentDay();
uint256 m_rewardsPerShare = rewardPerShare;
bool distributeDay8 = (currentDay / 8 > lastDistributedDay / 8);
bool distributeDay28 = (currentDay / 28 > lastDistributedDay / 28);
bool distributeDay90 = (currentDay / 90 > lastDistributedDay / 90);
if (distributeDay8) m_rewardsPerShare += wdiv(toDistribute[POOLS.DAY8], totalShares);
if (distributeDay28) m_rewardsPerShare += wdiv(toDistribute[POOLS.DAY28], totalShares);
if (distributeDay90) m_rewardsPerShare += wdiv(toDistribute[POOLS.DAY90], totalShares);
for (uint256 i; i < _ids.length; ++i) {
uint256 _id = _ids[i];
UserRecord memory _rec = userRecords[_id];
toClaim += wmul(_rec.shares, m_rewardsPerShare - _rec.rewardDebt);
}
}
/**
* @notice Burns multiple NFTs
* @param _ids Array of NFT IDs to burn
* @param _receiver Address to receive the Ascendant tokens
*/
function batchBurn(uint256[] calldata _ids, address _receiver) external {
for (uint256 i; i < _ids.length; ++i) {
burn(_ids[i], _receiver);
}
}
/**
* @notice Claims rewards for multiple NFTs
* @param _ids Array of NFT IDs to claim rewards for
* @param _receiver Address to receive the rewards
*/
function batchClaim(uint256[] calldata _ids, address _receiver) external {
for (uint256 i; i < _ids.length; ++i) {
claim(_ids[i], _receiver);
}
}
/**
* @notice Distributes DragonX rewards to the reward pools
* @param _amount Amount of DragonX tokens to distribute
* @dev Transfers tokens from sender and updates reward pools
*/
function distribute(uint256 _amount) external notAmount0(_amount) {
dragonX.transferFrom(msg.sender, address(this), _amount);
_distribute(_amount);
}
/**
* @notice Combines two NFTs of the same tier to create a higher tier NFT
* @param _firstTokenId First NFT to fuse
* @param _secondTokenId Second NFT to fuse
* @dev Both NFTs must be of the same tier and not expired
*/
function fusion(uint256 _firstTokenId, uint256 _secondTokenId) external {
if (_firstTokenId == _secondTokenId) revert AscendantMinting__FusionTokenIdsCannotBeTheSame();
if (ownerOf(_firstTokenId) != msg.sender) revert AscendantMinting__InvalidNFTOwner();
if (ownerOf(_secondTokenId) != msg.sender) revert AscendantMinting__InvalidNFTOwner();
NftAttributes memory firstAttributes = nftAttributes[_firstTokenId];
NftAttributes memory secondAttributes = nftAttributes[_secondTokenId];
if (firstAttributes.tier != secondAttributes.tier) revert AscendantMinting__TierOfNFTsMustBeTheSame();
if (firstAttributes.tier == TIER_8) revert AscendantMinting__MaxTierReached();
_fusionClaimAndBurn(_firstTokenId, msg.sender);
_fusionClaimAndBurn(_secondTokenId, msg.sender);
uint8 incrementedTier = firstAttributes.tier + 1;
(uint256 newTokenId, uint256 shares) = _fusionMint(incrementedTier);
emit NFTFusion(_firstTokenId, _secondTokenId, newTokenId, shares, firstAttributes.tier, incrementedTier);
}
//==========================//
//=========INTERNAL=========//
//==========================//
/**
* @notice Internal function to process claims
* @param _tokenId The ID of the NFT to claim rewards for
* @param _receiver Address to receive the rewards
* @dev Updates reward debt and transfers DragonX tokens
*/
function _claim(uint256 _tokenId, address _receiver) internal {
UserRecord storage _rec = userRecords[_tokenId];
updateRewardsIfNecessary();
uint256 amountToClaim = wmul(_rec.shares, rewardPerShare - _rec.rewardDebt);
_rec.rewardDebt = rewardPerShare;
dragonX.transfer(_receiver, amountToClaim);
emit Claimed(_tokenId, amountToClaim, rewardPerShare, ownerOf(_tokenId));
}
/**
* @notice Internal function to distribute rewards across pools
* @param amount Amount of DragonX tokens to distribute
* @dev Handles different distribution ratios based on current day
*/
function _distribute(uint256 amount) internal {
uint32 currentDay = _getCurrentDay();
updateRewardsIfNecessary();
if (currentDay == 1) {
toDistribute[POOLS.DAY8] += amount;
} else {
toDistribute[POOLS.DAY8] += wmul(amount, DAY8POOL_DIST);
toDistribute[POOLS.DAY28] += wmul(amount, DAY28POOL_DIST);
toDistribute[POOLS.DAY90] += wmul(amount, DAY90POOL_DIST);
}
}
/**
* @notice Generates attributes for a newly minted NFT
* @param _tokenId The ID of the NFT
* @param _ascendantTier The tier level of the NFT
* @dev Generates random number and sets rarity based on tier
*/
function _generateNFTAttribute(uint256 _tokenId, uint8 _ascendantTier) internal {
uint256 randomNumber = _generatePseudoRandom(_tokenId) % NUMBER_OF_NFT_IMAGES_PER_TIER;
nftAttributes[_tokenId] =
NftAttributes({
tier: _ascendantTier,
rarity: getRarity(randomNumber),
rarityNumber: randomNumber
});
emit AscendantMinting__NFTAttributeGenerated(_tokenId, randomNumber, _ascendantTier);
}
/**
* @notice Generates a pseudo-random number for NFT attributes
* @param _tokenId The ID of the NFT to generate random number for
* @return uint256 A pseudo-random number
* @dev Uses block data and transaction data for randomness
*/
function _generatePseudoRandom(uint256 _tokenId) internal view returns (uint256) {
return uint256(
keccak256(
abi.encodePacked(
block.timestamp, block.prevrandao, blockhash(block.number - 1), tx.gasprice, msg.sender, _tokenId
)
)
) % NFT_ATTRIBUTE_RANDOM_NUMBER;
}
/**
* @notice Updates rewards for a specific pool
* @param pool The pool to update rewards for
* @param toDist Storage mapping of distribution amounts
* @dev Updates rewardPerShare and emits Distributed event
*/
function _updateRewards(POOLS pool, mapping(POOLS => uint256) storage toDist) internal {
if (toDist[pool] == 0) return;
rewardPerShare += wdiv(toDist[pool], totalShares);
emit Distributed(pool, toDist[pool]);
toDistribute[pool] = 0;
}
/**
* @notice Gets the current day number since contract start
* @return currentDay The current day number (1-based)
* @dev Returns 1 if contract hasn't started yet
*/
function _getCurrentDay() internal view returns (uint32 currentDay) {
if (startTimestamp > Time.blockTs()) {
return 1;
}
return Time.dayGap(startTimestamp, Time.blockTs()) + 1;
}
/**
* @notice Retrieves the NFT attributes for a given token ID
* @param _tokenId The ID of the NFT
* @return NftAttributes struct containing the NFT's attributes
*/
function getNFTAttribute(uint256 _tokenId) external view returns (NftAttributes memory) {
return nftAttributes[_tokenId];
}
//==========================//
//=========PRIVATE==========//
//==========================//
/**
* @notice Internal function to mint a new NFT during fusion
* @param _tier The tier level of the new NFT
* @return _tokenId The ID of the newly minted NFT
* @return shares The number of shares assigned to the NFT
* @dev Similar to public mint but skips token transfer as tokens are already in contract
*/
function _fusionMint(uint8 _tier) private notAmount0(_tier) returns (uint256 _tokenId, uint256 shares) {
(uint256 _ascendantAmount, uint64 _ascendantTierPercentage) = getAscendantDataBasedOnTier(_tier);
updateRewardsIfNecessary();
_tokenId = ++tokenId;
shares = wmul(_ascendantAmount, _ascendantTierPercentage);
userRecords[_tokenId] = UserRecord({
startTime: Time.blockTs(),
endTime: Time.blockTs() + MIN_DURATION,
shares: shares,
rewardDebt: rewardPerShare,
lockedAscendant: _ascendantAmount
});
_generateNFTAttribute(_tokenId, _tier);
totalShares += shares;
// no need to transfer Ascendant tokens to the current contract
// because this function is used only for fusion which means
// that the ascendant is already in the contract
emit Minted(msg.sender, _ascendantAmount, _tokenId, shares);
_mint(msg.sender, _tokenId);
emit MetadataUpdate(_tokenId); // because OpenSea listens for this type of events and once detected OpenSea refreshes the data
}
/**
* @notice Burns an NFT and sends Ascendant tokens back to receiver after subtracting redeem tax
* @param _tokenId The ID of the NFT to burn
* @param _receiver Address to receive the Ascendant tokens and rewards
* @dev Handles the standard burn process where Ascendant tokens are returned
* minus the redeem tax which is sent to AscendantPride
*/
function _normalClaimAndBurn(uint256 _tokenId, address _receiver) private {
_claimAndBurn(_tokenId, _receiver, false);
}
/**
* @notice Burns an NFT during the fusion process without returning Ascendant tokens
* @param _tokenId The ID of the NFT to burn
* @param _receiver Address to receive only the DragonX rewards
* @dev Used during fusion where Ascendant tokens remain in the contract
* to be used for minting the new higher tier NFT
*/
function _fusionClaimAndBurn(uint256 _tokenId, address _receiver) private {
_claimAndBurn(_tokenId, _receiver, true);
}
/**
* @notice Internal function that handles the process of claiming rewards and burning an NFT
* @param _tokenId The ID of the NFT to process
* @param _receiver Address to receive tokens (DragonX rewards and optionally Ascendant tokens)
* @param _isFusion Boolean indicating if this burn is part of a fusion operation
* @dev This function:
* - Verifies ownership or approval
* - Claims any accumulated DragonX rewards
* - Cleans up NFT data (userRecords and nftAttributes)
* - Updates total shares
* - If not fusion: calculates and applies redeem tax, sends remaining Ascendant to receiver
* - If fusion: retains Ascendant tokens in contract
* - Burns the NFT
* - Emits either Burnt or FusionBurnt event depending on _isFusion
*/
function _claimAndBurn(uint256 _tokenId, address _receiver, bool _isFusion)
private
notAddress0(_receiver)
notAmount0(_tokenId)
{
UserRecord memory record = userRecords[_tokenId];
isApprovedOrOwner(_tokenId, msg.sender);
_claim(_tokenId, _receiver);
uint256 _shares = record.shares;
delete userRecords[_tokenId];
delete nftAttributes[_tokenId];
totalShares -= record.shares;
if (!_isFusion) {
uint256 _ascendantRedeemTax = wmul(record.lockedAscendant, ASCENDANT_REDEEM_TAX);
uint256 _ascendantToReturn = record.lockedAscendant - _ascendantRedeemTax;
ascendant.transfer(ascendantPride, _ascendantRedeemTax);
ascendant.transfer(_receiver, _ascendantToReturn);
emit Burnt(_shares, _ascendantToReturn, _tokenId, _receiver);
} else {
emit FusionBurnt(_shares, _tokenId, _receiver);
}
_burn(_tokenId);
}
/**
* @notice Determines rarity based on a pseudo-random number 0-9
* @param number The pseudo-random number input (must be 0-9)
* @return Rarity enum value (LEGENDARY for 0, COMMON for 1-7, RARE for 8-9)
* @dev Used for weighted rarity distribution:
* - 10% chance for LEGENDARY (number = 0)
* - 70% chance for COMMON (numbers 1-7)
* - 20% chance for RARE (numbers 8-9)
*/
function getRarity(uint256 number) private pure returns (Rarity) {
if (number == 0) return Rarity.LEGENDARY; // 10% chance
if (number <= 7) return Rarity.COMMON; // 70% chance
return Rarity.RARE; // 20% chance
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC-20 standard.
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC6093.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard ERC-20 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
*/
interface IERC20Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC20InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC20InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
* @param spender Address that may be allowed to operate on tokens without being their owner.
* @param allowance Amount of tokens a `spender` is allowed to operate with.
* @param needed Minimum amount required to perform a transfer.
*/
error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC20InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `spender` to be approved. Used in approvals.
* @param spender Address that may be allowed to operate on tokens without being their owner.
*/
error ERC20InvalidSpender(address spender);
}
/**
* @dev Standard ERC-721 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
*/
interface IERC721Errors {
/**
* @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-20.
* Used in balance queries.
* @param owner Address of the current owner of a token.
*/
error ERC721InvalidOwner(address owner);
/**
* @dev Indicates a `tokenId` whose `owner` is the zero address.
* @param tokenId Identifier number of a token.
*/
error ERC721NonexistentToken(uint256 tokenId);
/**
* @dev Indicates an error related to the ownership over a particular token. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param tokenId Identifier number of a token.
* @param owner Address of the current owner of a token.
*/
error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC721InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC721InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param tokenId Identifier number of a token.
*/
error ERC721InsufficientApproval(address operator, uint256 tokenId);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC721InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC721InvalidOperator(address operator);
}
/**
* @dev Standard ERC-1155 Errors
* Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
*/
interface IERC1155Errors {
/**
* @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
* @param balance Current balance for the interacting account.
* @param needed Minimum amount required to perform a transfer.
* @param tokenId Identifier number of a token.
*/
error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
/**
* @dev Indicates a failure with the token `sender`. Used in transfers.
* @param sender Address whose tokens are being transferred.
*/
error ERC1155InvalidSender(address sender);
/**
* @dev Indicates a failure with the token `receiver`. Used in transfers.
* @param receiver Address to which tokens are being transferred.
*/
error ERC1155InvalidReceiver(address receiver);
/**
* @dev Indicates a failure with the `operator`’s approval. Used in transfers.
* @param operator Address that may be allowed to operate on tokens without being their owner.
* @param owner Address of the current owner of a token.
*/
error ERC1155MissingApprovalForAll(address operator, address owner);
/**
* @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
* @param approver Address initiating an approval operation.
*/
error ERC1155InvalidApprover(address approver);
/**
* @dev Indicates a failure with the `operator` to be approved. Used in approvals.
* @param operator Address that may be allowed to operate on tokens without being their owner.
*/
error ERC1155InvalidOperator(address operator);
/**
* @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
* Used in batch transfers.
* @param idsLength Length of the array of token identifiers
* @param valuesLength Length of the array of token amounts
*/
error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that never changes
/// @notice These parameters are fixed for a pool forever, i.e., the methods will always return the same values
interface IUniswapV3PoolImmutables {
/// @notice The contract that deployed the pool, which must adhere to the IUniswapV3Factory interface
/// @return The contract address
function factory() external view returns (address);
/// @notice The first of the two tokens of the pool, sorted by address
/// @return The token contract address
function token0() external view returns (address);
/// @notice The second of the two tokens of the pool, sorted by address
/// @return The token contract address
function token1() external view returns (address);
/// @notice The pool's fee in hundredths of a bip, i.e. 1e-6
/// @return The fee
function fee() external view returns (uint24);
/// @notice The pool tick spacing
/// @dev Ticks can only be used at multiples of this value, minimum of 1 and always positive
/// e.g.: a tickSpacing of 3 means ticks can be initialized every 3rd tick, i.e., ..., -6, -3, 0, 3, 6, ...
/// This value is an int24 to avoid casting even though it is always positive.
/// @return The tick spacing
function tickSpacing() external view returns (int24);
/// @notice The maximum amount of position liquidity that can use any tick in the range
/// @dev This parameter is enforced per tick to prevent liquidity from overflowing a uint128 at any point, and
/// also prevents out-of-range liquidity from being used to prevent adding in-range liquidity to a pool
/// @return The max amount of liquidity per tick
function maxLiquidityPerTick() external view returns (uint128);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that can change
/// @notice These methods compose the pool's state, and can change with any frequency including multiple times
/// per transaction
interface IUniswapV3PoolState {
/// @notice The 0th storage slot in the pool stores many values, and is exposed as a single method to save gas
/// when accessed externally.
/// @return sqrtPriceX96 The current price of the pool as a sqrt(token1/token0) Q64.96 value
/// @return tick The current tick of the pool, i.e. according to the last tick transition that was run.
/// This value may not always be equal to SqrtTickMath.getTickAtSqrtRatio(sqrtPriceX96) if the price is on a tick
/// boundary.
/// @return observationIndex The index of the last oracle observation that was written,
/// @return observationCardinality The current maximum number of observations stored in the pool,
/// @return observationCardinalityNext The next maximum number of observations, to be updated when the observation.
/// @return feeProtocol The protocol fee for both tokens of the pool.
/// Encoded as two 4 bit values, where the protocol fee of token1 is shifted 4 bits and the protocol fee of token0
/// is the lower 4 bits. Used as the denominator of a fraction of the swap fee, e.g. 4 means 1/4th of the swap fee.
/// unlocked Whether the pool is currently locked to reentrancy
function slot0()
external
view
returns (
uint160 sqrtPriceX96,
int24 tick,
uint16 observationIndex,
uint16 observationCardinality,
uint16 observationCardinalityNext,
uint8 feeProtocol,
bool unlocked
);
/// @notice The fee growth as a Q128.128 fees of token0 collected per unit of liquidity for the entire life of the pool
/// @dev This value can overflow the uint256
function feeGrowthGlobal0X128() external view returns (uint256);
/// @notice The fee growth as a Q128.128 fees of token1 collected per unit of liquidity for the entire life of the pool
/// @dev This value can overflow the uint256
function feeGrowthGlobal1X128() external view returns (uint256);
/// @notice The amounts of token0 and token1 that are owed to the protocol
/// @dev Protocol fees will never exceed uint128 max in either token
function protocolFees() external view returns (uint128 token0, uint128 token1);
/// @notice The currently in range liquidity available to the pool
/// @dev This value has no relationship to the total liquidity across all ticks
/// @return The liquidity at the current price of the pool
function liquidity() external view returns (uint128);
/// @notice Look up information about a specific tick in the pool
/// @param tick The tick to look up
/// @return liquidityGross the total amount of position liquidity that uses the pool either as tick lower or
/// tick upper
/// @return liquidityNet how much liquidity changes when the pool price crosses the tick,
/// @return feeGrowthOutside0X128 the fee growth on the other side of the tick from the current tick in token0,
/// @return feeGrowthOutside1X128 the fee growth on the other side of the tick from the current tick in token1,
/// @return tickCumulativeOutside the cumulative tick value on the other side of the tick from the current tick
/// @return secondsPerLiquidityOutsideX128 the seconds spent per liquidity on the other side of the tick from the current tick,
/// @return secondsOutside the seconds spent on the other side of the tick from the current tick,
/// @return initialized Set to true if the tick is initialized, i.e. liquidityGross is greater than 0, otherwise equal to false.
/// Outside values can only be used if the tick is initialized, i.e. if liquidityGross is greater than 0.
/// In addition, these values are only relative and must be used only in comparison to previous snapshots for
/// a specific position.
function ticks(int24 tick)
external
view
returns (
uint128 liquidityGross,
int128 liquidityNet,
uint256 feeGrowthOutside0X128,
uint256 feeGrowthOutside1X128,
int56 tickCumulativeOutside,
uint160 secondsPerLiquidityOutsideX128,
uint32 secondsOutside,
bool initialized
);
/// @notice Returns 256 packed tick initialized boolean values. See TickBitmap for more information
function tickBitmap(int16 wordPosition) external view returns (uint256);
/// @notice Returns the information about a position by the position's key
/// @param key The position's key is a hash of a preimage composed by the owner, tickLower and tickUpper
/// @return liquidity The amount of liquidity in the position,
/// @return feeGrowthInside0LastX128 fee growth of token0 inside the tick range as of the last mint/burn/poke,
/// @return feeGrowthInside1LastX128 fee growth of token1 inside the tick range as of the last mint/burn/poke,
/// @return tokensOwed0 the computed amount of token0 owed to the position as of the last mint/burn/poke,
/// @return tokensOwed1 the computed amount of token1 owed to the position as of the last mint/burn/poke
function positions(bytes32 key)
external
view
returns (
uint128 liquidity,
uint256 feeGrowthInside0LastX128,
uint256 feeGrowthInside1LastX128,
uint128 tokensOwed0,
uint128 tokensOwed1
);
/// @notice Returns data about a specific observation index
/// @param index The element of the observations array to fetch
/// @dev You most likely want to use #observe() instead of this method to get an observation as of some amount of time
/// ago, rather than at a specific index in the array.
/// @return blockTimestamp The timestamp of the observation,
/// @return tickCumulative the tick multiplied by seconds elapsed for the life of the pool as of the observation timestamp,
/// @return secondsPerLiquidityCumulativeX128 the seconds per in range liquidity for the life of the pool as of the observation timestamp,
/// @return initialized whether the observation has been initialized and the values are safe to use
function observations(uint256 index)
external
view
returns (
uint32 blockTimestamp,
int56 tickCumulative,
uint160 secondsPerLiquidityCumulativeX128,
bool initialized
);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Pool state that is not stored
/// @notice Contains view functions to provide information about the pool that is computed rather than stored on the
/// blockchain. The functions here may have variable gas costs.
interface IUniswapV3PoolDerivedState {
/// @notice Returns the cumulative tick and liquidity as of each timestamp `secondsAgo` from the current block timestamp
/// @dev To get a time weighted average tick or liquidity-in-range, you must call this with two values, one representing
/// the beginning of the period and another for the end of the period. E.g., to get the last hour time-weighted average tick,
/// you must call it with secondsAgos = [3600, 0].
/// @dev The time weighted average tick represents the geometric time weighted average price of the pool, in
/// log base sqrt(1.0001) of token1 / token0. The TickMath library can be used to go from a tick value to a ratio.
/// @param secondsAgos From how long ago each cumulative tick and liquidity value should be returned
/// @return tickCumulatives Cumulative tick values as of each `secondsAgos` from the current block timestamp
/// @return secondsPerLiquidityCumulativeX128s Cumulative seconds per liquidity-in-range value as of each `secondsAgos` from the current block
/// timestamp
function observe(uint32[] calldata secondsAgos)
external
view
returns (int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s);
/// @notice Returns a snapshot of the tick cumulative, seconds per liquidity and seconds inside a tick range
/// @dev Snapshots must only be compared to other snapshots, taken over a period for which a position existed.
/// I.e., snapshots cannot be compared if a position is not held for the entire period between when the first
/// snapshot is taken and the second snapshot is taken.
/// @param tickLower The lower tick of the range
/// @param tickUpper The upper tick of the range
/// @return tickCumulativeInside The snapshot of the tick accumulator for the range
/// @return secondsPerLiquidityInsideX128 The snapshot of seconds per liquidity for the range
/// @return secondsInside The snapshot of seconds per liquidity for the range
function snapshotCumulativesInside(int24 tickLower, int24 tickUpper)
external
view
returns (
int56 tickCumulativeInside,
uint160 secondsPerLiquidityInsideX128,
uint32 secondsInside
);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Permissionless pool actions
/// @notice Contains pool methods that can be called by anyone
interface IUniswapV3PoolActions {
/// @notice Sets the initial price for the pool
/// @dev Price is represented as a sqrt(amountToken1/amountToken0) Q64.96 value
/// @param sqrtPriceX96 the initial sqrt price of the pool as a Q64.96
function initialize(uint160 sqrtPriceX96) external;
/// @notice Adds liquidity for the given recipient/tickLower/tickUpper position
/// @dev The caller of this method receives a callback in the form of IUniswapV3MintCallback#uniswapV3MintCallback
/// in which they must pay any token0 or token1 owed for the liquidity. The amount of token0/token1 due depends
/// on tickLower, tickUpper, the amount of liquidity, and the current price.
/// @param recipient The address for which the liquidity will be created
/// @param tickLower The lower tick of the position in which to add liquidity
/// @param tickUpper The upper tick of the position in which to add liquidity
/// @param amount The amount of liquidity to mint
/// @param data Any data that should be passed through to the callback
/// @return amount0 The amount of token0 that was paid to mint the given amount of liquidity. Matches the value in the callback
/// @return amount1 The amount of token1 that was paid to mint the given amount of liquidity. Matches the value in the callback
function mint(
address recipient,
int24 tickLower,
int24 tickUpper,
uint128 amount,
bytes calldata data
) external returns (uint256 amount0, uint256 amount1);
/// @notice Collects tokens owed to a position
/// @dev Does not recompute fees earned, which must be done either via mint or burn of any amount of liquidity.
/// Collect must be called by the position owner. To withdraw only token0 or only token1, amount0Requested or
/// amount1Requested may be set to zero. To withdraw all tokens owed, caller may pass any value greater than the
/// actual tokens owed, e.g. type(uint128).max. Tokens owed may be from accumulated swap fees or burned liquidity.
/// @param recipient The address which should receive the fees collected
/// @param tickLower The lower tick of the position for which to collect fees
/// @param tickUpper The upper tick of the position for which to collect fees
/// @param amount0Requested How much token0 should be withdrawn from the fees owed
/// @param amount1Requested How much token1 should be withdrawn from the fees owed
/// @return amount0 The amount of fees collected in token0
/// @return amount1 The amount of fees collected in token1
function collect(
address recipient,
int24 tickLower,
int24 tickUpper,
uint128 amount0Requested,
uint128 amount1Requested
) external returns (uint128 amount0, uint128 amount1);
/// @notice Burn liquidity from the sender and account tokens owed for the liquidity to the position
/// @dev Can be used to trigger a recalculation of fees owed to a position by calling with an amount of 0
/// @dev Fees must be collected separately via a call to #collect
/// @param tickLower The lower tick of the position for which to burn liquidity
/// @param tickUpper The upper tick of the position for which to burn liquidity
/// @param amount How much liquidity to burn
/// @return amount0 The amount of token0 sent to the recipient
/// @return amount1 The amount of token1 sent to the recipient
function burn(
int24 tickLower,
int24 tickUpper,
uint128 amount
) external returns (uint256 amount0, uint256 amount1);
/// @notice Swap token0 for token1, or token1 for token0
/// @dev The caller of this method receives a callback in the form of IUniswapV3SwapCallback#uniswapV3SwapCallback
/// @param recipient The address to receive the output of the swap
/// @param zeroForOne The direction of the swap, true for token0 to token1, false for token1 to token0
/// @param amountSpecified The amount of the swap, which implicitly configures the swap as exact input (positive), or exact output (negative)
/// @param sqrtPriceLimitX96 The Q64.96 sqrt price limit. If zero for one, the price cannot be less than this
/// value after the swap. If one for zero, the price cannot be greater than this value after the swap
/// @param data Any data to be passed through to the callback
/// @return amount0 The delta of the balance of token0 of the pool, exact when negative, minimum when positive
/// @return amount1 The delta of the balance of token1 of the pool, exact when negative, minimum when positive
function swap(
address recipient,
bool zeroForOne,
int256 amountSpecified,
uint160 sqrtPriceLimitX96,
bytes calldata data
) external returns (int256 amount0, int256 amount1);
/// @notice Receive token0 and/or token1 and pay it back, plus a fee, in the callback
/// @dev The caller of this method receives a callback in the form of IUniswapV3FlashCallback#uniswapV3FlashCallback
/// @dev Can be used to donate underlying tokens pro-rata to currently in-range liquidity providers by calling
/// with 0 amount{0,1} and sending the donation amount(s) from the callback
/// @param recipient The address which will receive the token0 and token1 amounts
/// @param amount0 The amount of token0 to send
/// @param amount1 The amount of token1 to send
/// @param data Any data to be passed through to the callback
function flash(
address recipient,
uint256 amount0,
uint256 amount1,
bytes calldata data
) external;
/// @notice Increase the maximum number of price and liquidity observations that this pool will store
/// @dev This method is no-op if the pool already has an observationCardinalityNext greater than or equal to
/// the input observationCardinalityNext.
/// @param observationCardinalityNext The desired minimum number of observations for the pool to store
function increaseObservationCardinalityNext(uint16 observationCardinalityNext) external;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Permissioned pool actions
/// @notice Contains pool methods that may only be called by the factory owner
interface IUniswapV3PoolOwnerActions {
/// @notice Set the denominator of the protocol's % share of the fees
/// @param feeProtocol0 new protocol fee for token0 of the pool
/// @param feeProtocol1 new protocol fee for token1 of the pool
function setFeeProtocol(uint8 feeProtocol0, uint8 feeProtocol1) external;
/// @notice Collect the protocol fee accrued to the pool
/// @param recipient The address to which collected protocol fees should be sent
/// @param amount0Requested The maximum amount of token0 to send, can be 0 to collect fees in only token1
/// @param amount1Requested The maximum amount of token1 to send, can be 0 to collect fees in only token0
/// @return amount0 The protocol fee collected in token0
/// @return amount1 The protocol fee collected in token1
function collectProtocol(
address recipient,
uint128 amount0Requested,
uint128 amount1Requested
) external returns (uint128 amount0, uint128 amount1);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Errors emitted by a pool
/// @notice Contains all events emitted by the pool
interface IUniswapV3PoolErrors {
error LOK();
error TLU();
error TLM();
error TUM();
error AI();
error M0();
error M1();
error AS();
error IIA();
error L();
error F0();
error F1();
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Events emitted by a pool
/// @notice Contains all events emitted by the pool
interface IUniswapV3PoolEvents {
/// @notice Emitted exactly once by a pool when #initialize is first called on the pool
/// @dev Mint/Burn/Swap cannot be emitted by the pool before Initialize
/// @param sqrtPriceX96 The initial sqrt price of the pool, as a Q64.96
/// @param tick The initial tick of the pool, i.e. log base 1.0001 of the starting price of the pool
event Initialize(uint160 sqrtPriceX96, int24 tick);
/// @notice Emitted when liquidity is minted for a given position
/// @param sender The address that minted the liquidity
/// @param owner The owner of the position and recipient of any minted liquidity
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount The amount of liquidity minted to the position range
/// @param amount0 How much token0 was required for the minted liquidity
/// @param amount1 How much token1 was required for the minted liquidity
event Mint(
address sender,
address indexed owner,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount,
uint256 amount0,
uint256 amount1
);
/// @notice Emitted when fees are collected by the owner of a position
/// @dev Collect events may be emitted with zero amount0 and amount1 when the caller chooses not to collect fees
/// @param owner The owner of the position for which fees are collected
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount0 The amount of token0 fees collected
/// @param amount1 The amount of token1 fees collected
event Collect(
address indexed owner,
address recipient,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount0,
uint128 amount1
);
/// @notice Emitted when a position's liquidity is removed
/// @dev Does not withdraw any fees earned by the liquidity position, which must be withdrawn via #collect
/// @param owner The owner of the position for which liquidity is removed
/// @param tickLower The lower tick of the position
/// @param tickUpper The upper tick of the position
/// @param amount The amount of liquidity to remove
/// @param amount0 The amount of token0 withdrawn
/// @param amount1 The amount of token1 withdrawn
event Burn(
address indexed owner,
int24 indexed tickLower,
int24 indexed tickUpper,
uint128 amount,
uint256 amount0,
uint256 amount1
);
/// @notice Emitted by the pool for any swaps between token0 and token1
/// @param sender The address that initiated the swap call, and that received the callback
/// @param recipient The address that received the output of the swap
/// @param amount0 The delta of the token0 balance of the pool
/// @param amount1 The delta of the token1 balance of the pool
/// @param sqrtPriceX96 The sqrt(price) of the pool after the swap, as a Q64.96
/// @param liquidity The liquidity of the pool after the swap
/// @param tick The log base 1.0001 of price of the pool after the swap
event Swap(
address indexed sender,
address indexed recipient,
int256 amount0,
int256 amount1,
uint160 sqrtPriceX96,
uint128 liquidity,
int24 tick
);
/// @notice Emitted by the pool for any flashes of token0/token1
/// @param sender The address that initiated the swap call, and that received the callback
/// @param recipient The address that received the tokens from flash
/// @param amount0 The amount of token0 that was flashed
/// @param amount1 The amount of token1 that was flashed
/// @param paid0 The amount of token0 paid for the flash, which can exceed the amount0 plus the fee
/// @param paid1 The amount of token1 paid for the flash, which can exceed the amount1 plus the fee
event Flash(
address indexed sender,
address indexed recipient,
uint256 amount0,
uint256 amount1,
uint256 paid0,
uint256 paid1
);
/// @notice Emitted by the pool for increases to the number of observations that can be stored
/// @dev observationCardinalityNext is not the observation cardinality until an observation is written at the index
/// just before a mint/swap/burn.
/// @param observationCardinalityNextOld The previous value of the next observation cardinality
/// @param observationCardinalityNextNew The updated value of the next observation cardinality
event IncreaseObservationCardinalityNext(
uint16 observationCardinalityNextOld,
uint16 observationCardinalityNextNew
);
/// @notice Emitted when the protocol fee is changed by the pool
/// @param feeProtocol0Old The previous value of the token0 protocol fee
/// @param feeProtocol1Old The previous value of the token1 protocol fee
/// @param feeProtocol0New The updated value of the token0 protocol fee
/// @param feeProtocol1New The updated value of the token1 protocol fee
event SetFeeProtocol(uint8 feeProtocol0Old, uint8 feeProtocol1Old, uint8 feeProtocol0New, uint8 feeProtocol1New);
/// @notice Emitted when the collected protocol fees are withdrawn by the factory owner
/// @param sender The address that collects the protocol fees
/// @param recipient The address that receives the collected protocol fees
/// @param amount0 The amount of token0 protocol fees that is withdrawn
/// @param amount0 The amount of token1 protocol fees that is withdrawn
event CollectProtocol(address indexed sender, address indexed recipient, uint128 amount0, uint128 amount1);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
pragma solidity ^0.8.20;
import {Context} from "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* The initial owner is set to the address provided by the deployer. This can
* later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
/**
* @dev The caller account is not authorized to perform an operation.
*/
error OwnableUnauthorizedAccount(address account);
/**
* @dev The owner is not a valid owner account. (eg. `address(0)`)
*/
error OwnableInvalidOwner(address owner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the address provided by the deployer as the initial owner.
*/
constructor(address initialOwner) {
if (initialOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(initialOwner);
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
if (owner() != _msgSender()) {
revert OwnableUnauthorizedAccount(_msgSender());
}
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby disabling any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
if (newOwner == address(0)) {
revert OwnableInvalidOwner(address(0));
}
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Metadata.sol)
pragma solidity ^0.8.20;
import {IERC721} from "../IERC721.sol";
/**
* @title ERC-721 Non-Fungible Token Standard, optional metadata extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Metadata is IERC721 {
/**
* @dev Returns the token collection name.
*/
function name() external view returns (string memory);
/**
* @dev Returns the token collection symbol.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token.
*/
function tokenURI(uint256 tokenId) external view returns (string memory);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Enumerable.sol)
pragma solidity ^0.8.20;
import {IERC721} from "../IERC721.sol";
/**
* @title ERC-721 Non-Fungible Token Standard, optional enumeration extension
* @dev See https://eips.ethereum.org/EIPS/eip-721
*/
interface IERC721Enumerable is IERC721 {
/**
* @dev Returns the total amount of tokens stored by the contract.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns a token ID owned by `owner` at a given `index` of its token list.
* Use along with {balanceOf} to enumerate all of ``owner``'s tokens.
*/
function tokenOfOwnerByIndex(address owner, uint256 index) external view returns (uint256);
/**
* @dev Returns a token ID at a given `index` of all the tokens stored by the contract.
* Use along with {totalSupply} to enumerate all tokens.
*/
function tokenByIndex(uint256 index) external view returns (uint256);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
/// @title Creates and initializes V3 Pools
/// @notice Provides a method for creating and initializing a pool, if necessary, for bundling with other methods that
/// require the pool to exist.
interface IPoolInitializer {
/// @notice Creates a new pool if it does not exist, then initializes if not initialized
/// @dev This method can be bundled with others via IMulticall for the first action (e.g. mint) performed against a pool
/// @param token0 The contract address of token0 of the pool
/// @param token1 The contract address of token1 of the pool
/// @param fee The fee amount of the v3 pool for the specified token pair
/// @param sqrtPriceX96 The initial square root price of the pool as a Q64.96 value
/// @return pool Returns the pool address based on the pair of tokens and fee, will return the newly created pool address if necessary
function createAndInitializePoolIfNecessary(
address token0,
address token1,
uint24 fee,
uint160 sqrtPriceX96
) external payable returns (address pool);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
import '@openzeppelin/contracts/token/ERC721/IERC721.sol';
/// @title ERC721 with permit
/// @notice Extension to ERC721 that includes a permit function for signature based approvals
interface IERC721Permit is IERC721 {
/// @notice The permit typehash used in the permit signature
/// @return The typehash for the permit
function PERMIT_TYPEHASH() external pure returns (bytes32);
/// @notice The domain separator used in the permit signature
/// @return The domain seperator used in encoding of permit signature
function DOMAIN_SEPARATOR() external view returns (bytes32);
/// @notice Approve of a specific token ID for spending by spender via signature
/// @param spender The account that is being approved
/// @param tokenId The ID of the token that is being approved for spending
/// @param deadline The deadline timestamp by which the call must be mined for the approve to work
/// @param v Must produce valid secp256k1 signature from the holder along with `r` and `s`
/// @param r Must produce valid secp256k1 signature from the holder along with `v` and `s`
/// @param s Must produce valid secp256k1 signature from the holder along with `r` and `v`
function permit(
address spender,
uint256 tokenId,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external payable;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
/// @title Periphery Payments
/// @notice Functions to ease deposits and withdrawals of ETH
interface IPeripheryPayments {
/// @notice Unwraps the contract's WETH9 balance and sends it to recipient as ETH.
/// @dev The amountMinimum parameter prevents malicious contracts from stealing WETH9 from users.
/// @param amountMinimum The minimum amount of WETH9 to unwrap
/// @param recipient The address receiving ETH
function unwrapWETH9(uint256 amountMinimum, address recipient) external payable;
/// @notice Refunds any ETH balance held by this contract to the `msg.sender`
/// @dev Useful for bundling with mint or increase liquidity that uses ether, or exact output swaps
/// that use ether for the input amount
function refundETH() external payable;
/// @notice Transfers the full amount of a token held by this contract to recipient
/// @dev The amountMinimum parameter prevents malicious contracts from stealing the token from users
/// @param token The contract address of the token which will be transferred to `recipient`
/// @param amountMinimum The minimum amount of token required for a transfer
/// @param recipient The destination address of the token
function sweepToken(
address token,
uint256 amountMinimum,
address recipient
) external payable;
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Immutable state
/// @notice Functions that return immutable state of the router
interface IPeripheryImmutableState {
/// @return Returns the address of the Uniswap V3 factory
function factory() external view returns (address);
/// @return Returns the address of WETH9
function WETH9() external view returns (address);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Provides functions for deriving a pool address from the factory, tokens, and the fee
library PoolAddress {
bytes32 internal constant POOL_INIT_CODE_HASH = 0xa598dd2fba360510c5a8f02f44423a4468e902df5857dbce3ca162a43a3a31ff;
/// @notice The identifying key of the pool
struct PoolKey {
address token0;
address token1;
uint24 fee;
}
/// @notice Returns PoolKey: the ordered tokens with the matched fee levels
/// @param tokenA The first token of a pool, unsorted
/// @param tokenB The second token of a pool, unsorted
/// @param fee The fee level of the pool
/// @return Poolkey The pool details with ordered token0 and token1 assignments
function getPoolKey(
address tokenA,
address tokenB,
uint24 fee
) internal pure returns (PoolKey memory) {
if (tokenA > tokenB) (tokenA, tokenB) = (tokenB, tokenA);
return PoolKey({token0: tokenA, token1: tokenB, fee: fee});
}
/// @notice Deterministically computes the pool address given the factory and PoolKey
/// @param factory The Uniswap V3 factory contract address
/// @param key The PoolKey
/// @return pool The contract address of the V3 pool
function computeAddress(address factory, PoolKey memory key) internal pure returns (address pool) {
require(key.token0 < key.token1);
pool = address(
uint160(
uint256(
keccak256(
abi.encodePacked(
hex'ff',
factory,
keccak256(abi.encode(key.token0, key.token1, key.fee)),
POOL_INIT_CODE_HASH
)
)
)
)
);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../token/ERC20/IERC20.sol";// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/IERC1363.sol)
pragma solidity ^0.8.20;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Provides functions for deriving a pool address from the factory, tokens, and the fee
library PoolAddress {
bytes32 internal constant POOL_INIT_CODE_HASH = 0xe34f199b19b2b4f47f68442619d555527d244f78a3297ea89325f843f87b8b54; // TODO update??
/// @notice The identifying key of the pool
struct PoolKey {
address token0;
address token1;
uint24 fee;
}
/// @notice Returns PoolKey: the ordered tokens with the matched fee levels
/// @param tokenA The first token of a pool, unsorted
/// @param tokenB The second token of a pool, unsorted
/// @param fee The fee level of the pool
/// @return Poolkey The pool details with ordered token0 and token1 assignments
function getPoolKey(address tokenA, address tokenB, uint24 fee) internal pure returns (PoolKey memory) {
if (tokenA > tokenB) (tokenA, tokenB) = (tokenB, tokenA);
return PoolKey({token0: tokenA, token1: tokenB, fee: fee});
}
/// @notice Deterministically computes the pool address given the factory and PoolKey
/// @param factory The Uniswap V3 factory contract address
/// @param key The PoolKey
/// @return pool The contract address of the V3 pool
function computeAddress(address factory, PoolKey memory key) internal pure returns (address pool) {
require(key.token0 < key.token1);
pool = address(
uint160(
uint256(
keccak256(
abi.encodePacked(
hex"ff",
factory,
keccak256(abi.encode(key.token0, key.token1, key.fee)),
POOL_INIT_CODE_HASH
)
)
)
)
);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.27;
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
/**
* @notice Adapted Uniswap V3 OracleLibrary computation to be compliant with Solidity 0.8.x and later.
*
* Documentation for Auditors:
*
* Solidity Version: Updated the Solidity version pragma to ^0.8.0. This change ensures compatibility
* with Solidity version 0.8.x.
*
* Safe Arithmetic Operations: Solidity 0.8.x automatically checks for arithmetic overflows/underflows.
* Therefore, the code no longer needs to use SafeMath library (or similar) for basic arithmetic operations.
* This change simplifies the code and reduces the potential for errors related to manual overflow/underflow checking.
*
* Overflow/Underflow: With the introduction of automatic overflow/underflow checks in Solidity 0.8.x, the code is inherently
* safer and less prone to certain types of arithmetic errors.
*
* Removal of SafeMath Library: Since Solidity 0.8.x handles arithmetic operations safely, the use of SafeMath library
* is omitted in this update.
*
* Git-style diff for the `consult` function:
*
* ```diff
* function consult(address pool, uint32 secondsAgo)
* internal
* view
* returns (int24 arithmeticMeanTick, uint128 harmonicMeanLiquidity)
* {
* require(secondsAgo != 0, 'BP');
*
* uint32[] memory secondsAgos = new uint32[](2);
* secondsAgos[0] = secondsAgo;
* secondsAgos[1] = 0;
*
* (int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s) =
* IUniswapV3Pool(pool).observe(secondsAgos);
*
* int56 tickCumulativesDelta = tickCumulatives[1] - tickCumulatives[0];
* uint160 secondsPerLiquidityCumulativesDelta =
* secondsPerLiquidityCumulativeX128s[1] - secondsPerLiquidityCumulativeX128s[0];
*
* - arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgo);
* + int56 secondsAgoInt56 = int56(uint56(secondsAgo));
* + arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgoInt56);
* // Always round to negative infinity
* - if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgo != 0)) arithmeticMeanTick--;
* + if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgoInt56 != 0)) arithmeticMeanTick--;
*
* - uint192 secondsAgoX160 = uint192(secondsAgo) * type(uint160).max;
* + uint192 secondsAgoUint192 = uint192(secondsAgo);
* + uint192 secondsAgoX160 = secondsAgoUint192 * type(uint160).max;
* harmonicMeanLiquidity = uint128(secondsAgoX160 / (uint192(secondsPerLiquidityCumulativesDelta) << 32));
* }
* ```
*/
/// @title Oracle library
/// @notice Provides functions to integrate with V3 pool oracle
library OracleLibrary {
/// @notice Calculates time-weighted means of tick and liquidity for a given Uniswap V3 pool
/// @param pool Address of the pool that we want to observe
/// @param secondsAgo Number of seconds in the past from which to calculate the time-weighted means
/// @return arithmeticMeanTick The arithmetic mean tick from (block.timestamp - secondsAgo) to block.timestamp
/// @return harmonicMeanLiquidity The harmonic mean liquidity from (block.timestamp - secondsAgo) to block.timestamp
function consult(address pool, uint32 secondsAgo)
internal
view
returns (int24 arithmeticMeanTick, uint128 harmonicMeanLiquidity)
{
require(secondsAgo != 0, "BP");
uint32[] memory secondsAgos = new uint32[](2);
secondsAgos[0] = secondsAgo;
secondsAgos[1] = 0;
(int56[] memory tickCumulatives, uint160[] memory secondsPerLiquidityCumulativeX128s) =
IUniswapV3Pool(pool).observe(secondsAgos);
int56 tickCumulativesDelta = tickCumulatives[1] - tickCumulatives[0];
uint160 secondsPerLiquidityCumulativesDelta;
unchecked {
secondsPerLiquidityCumulativesDelta =
secondsPerLiquidityCumulativeX128s[1] - secondsPerLiquidityCumulativeX128s[0];
}
// Safe casting of secondsAgo to int56 for division
int56 secondsAgoInt56 = int56(uint56(secondsAgo));
arithmeticMeanTick = int24(tickCumulativesDelta / secondsAgoInt56);
// Always round to negative infinity
if (tickCumulativesDelta < 0 && (tickCumulativesDelta % secondsAgoInt56 != 0)) arithmeticMeanTick--;
// Safe casting of secondsAgo to uint192 for multiplication
uint192 secondsAgoUint192 = uint192(secondsAgo);
harmonicMeanLiquidity = uint128(
(secondsAgoUint192 * uint192(type(uint160).max)) / (uint192(secondsPerLiquidityCumulativesDelta) << 32)
);
}
/// @notice Given a pool, it returns the number of seconds ago of the oldest stored observation
/// @param pool Address of Uniswap V3 pool that we want to observe
/// @return secondsAgo The number of seconds ago of the oldest observation stored for the pool
function getOldestObservationSecondsAgo(address pool) internal view returns (uint32 secondsAgo) {
(,, uint16 observationIndex, uint16 observationCardinality,,,) = IUniswapV3Pool(pool).slot0();
require(observationCardinality > 0, "NI");
(uint32 observationTimestamp,,, bool initialized) =
IUniswapV3Pool(pool).observations((observationIndex + 1) % observationCardinality);
// The next index might not be initialized if the cardinality is in the process of increasing
// In this case the oldest observation is always in index 0
if (!initialized) {
(observationTimestamp,,,) = IUniswapV3Pool(pool).observations(0);
}
secondsAgo = uint32(block.timestamp) - observationTimestamp;
}
/// @notice Given a tick and a token amount, calculates the amount of token received in exchange
/// a slightly modified version of the UniSwap library getQuoteAtTick to accept a sqrtRatioX96 as input parameter
/// @param sqrtRatioX96 The sqrt ration
/// @param baseAmount Amount of token to be converted
/// @param baseToken Address of an ERC20 token contract used as the baseAmount denomination
/// @param quoteToken Address of an ERC20 token contract used as the quoteAmount denomination
/// @return quoteAmount Amount of quoteToken received for baseAmount of baseToken
function getQuoteForSqrtRatioX96(uint160 sqrtRatioX96, uint256 baseAmount, address baseToken, address quoteToken)
internal
pure
returns (uint256 quoteAmount)
{
// Calculate quoteAmount with better precision if it doesn't overflow when multiplied by itself
if (sqrtRatioX96 <= type(uint128).max) {
uint256 ratioX192 = uint256(sqrtRatioX96) ** 2;
quoteAmount = baseToken < quoteToken
? Math.mulDiv(ratioX192, baseAmount, 1 << 192)
: Math.mulDiv(1 << 192, baseAmount, ratioX192);
} else {
uint256 ratioX128 = Math.mulDiv(sqrtRatioX96, sqrtRatioX96, 1 << 64);
quoteAmount = baseToken < quoteToken
? Math.mulDiv(ratioX128, baseAmount, 1 << 128)
: Math.mulDiv(1 << 128, baseAmount, ratioX128);
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
pragma abicoder v2;
import '@uniswap/v3-core/contracts/interfaces/callback/IUniswapV3SwapCallback.sol';
/// @title Router token swapping functionality
/// @notice Functions for swapping tokens via Uniswap V3
interface ISwapRouter is IUniswapV3SwapCallback {
struct ExactInputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another token
/// @param params The parameters necessary for the swap, encoded as `ExactInputSingleParams` in calldata
/// @return amountOut The amount of the received token
function exactInputSingle(ExactInputSingleParams calldata params) external payable returns (uint256 amountOut);
struct ExactInputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another along the specified path
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactInputParams` in calldata
/// @return amountOut The amount of the received token
function exactInput(ExactInputParams calldata params) external payable returns (uint256 amountOut);
struct ExactOutputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another token
/// @param params The parameters necessary for the swap, encoded as `ExactOutputSingleParams` in calldata
/// @return amountIn The amount of the input token
function exactOutputSingle(ExactOutputSingleParams calldata params) external payable returns (uint256 amountIn);
struct ExactOutputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another along the specified path (reversed)
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactOutputParams` in calldata
/// @return amountIn The amount of the input token
function exactOutput(ExactOutputParams calldata params) external payable returns (uint256 amountIn);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/ERC721.sol)
pragma solidity ^0.8.20;
import {IERC721} from "./IERC721.sol";
import {IERC721Metadata} from "./extensions/IERC721Metadata.sol";
import {ERC721Utils} from "./utils/ERC721Utils.sol";
import {Context} from "../../utils/Context.sol";
import {Strings} from "../../utils/Strings.sol";
import {IERC165, ERC165} from "../../utils/introspection/ERC165.sol";
import {IERC721Errors} from "../../interfaces/draft-IERC6093.sol";
/**
* @dev Implementation of https://eips.ethereum.org/EIPS/eip-721[ERC-721] Non-Fungible Token Standard, including
* the Metadata extension, but not including the Enumerable extension, which is available separately as
* {ERC721Enumerable}.
*/
abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Errors {
using Strings for uint256;
// Token name
string private _name;
// Token symbol
string private _symbol;
mapping(uint256 tokenId => address) private _owners;
mapping(address owner => uint256) private _balances;
mapping(uint256 tokenId => address) private _tokenApprovals;
mapping(address owner => mapping(address operator => bool)) private _operatorApprovals;
/**
* @dev Initializes the contract by setting a `name` and a `symbol` to the token collection.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return
interfaceId == type(IERC721).interfaceId ||
interfaceId == type(IERC721Metadata).interfaceId ||
super.supportsInterface(interfaceId);
}
/**
* @dev See {IERC721-balanceOf}.
*/
function balanceOf(address owner) public view virtual returns (uint256) {
if (owner == address(0)) {
revert ERC721InvalidOwner(address(0));
}
return _balances[owner];
}
/**
* @dev See {IERC721-ownerOf}.
*/
function ownerOf(uint256 tokenId) public view virtual returns (address) {
return _requireOwned(tokenId);
}
/**
* @dev See {IERC721Metadata-name}.
*/
function name() public view virtual returns (string memory) {
return _name;
}
/**
* @dev See {IERC721Metadata-symbol}.
*/
function symbol() public view virtual returns (string memory) {
return _symbol;
}
/**
* @dev See {IERC721Metadata-tokenURI}.
*/
function tokenURI(uint256 tokenId) public view virtual returns (string memory) {
_requireOwned(tokenId);
string memory baseURI = _baseURI();
return bytes(baseURI).length > 0 ? string.concat(baseURI, tokenId.toString()) : "";
}
/**
* @dev Base URI for computing {tokenURI}. If set, the resulting URI for each
* token will be the concatenation of the `baseURI` and the `tokenId`. Empty
* by default, can be overridden in child contracts.
*/
function _baseURI() internal view virtual returns (string memory) {
return "";
}
/**
* @dev See {IERC721-approve}.
*/
function approve(address to, uint256 tokenId) public virtual {
_approve(to, tokenId, _msgSender());
}
/**
* @dev See {IERC721-getApproved}.
*/
function getApproved(uint256 tokenId) public view virtual returns (address) {
_requireOwned(tokenId);
return _getApproved(tokenId);
}
/**
* @dev See {IERC721-setApprovalForAll}.
*/
function setApprovalForAll(address operator, bool approved) public virtual {
_setApprovalForAll(_msgSender(), operator, approved);
}
/**
* @dev See {IERC721-isApprovedForAll}.
*/
function isApprovedForAll(address owner, address operator) public view virtual returns (bool) {
return _operatorApprovals[owner][operator];
}
/**
* @dev See {IERC721-transferFrom}.
*/
function transferFrom(address from, address to, uint256 tokenId) public virtual {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
// Setting an "auth" arguments enables the `_isAuthorized` check which verifies that the token exists
// (from != 0). Therefore, it is not needed to verify that the return value is not 0 here.
address previousOwner = _update(to, tokenId, _msgSender());
if (previousOwner != from) {
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
}
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) public {
safeTransferFrom(from, to, tokenId, "");
}
/**
* @dev See {IERC721-safeTransferFrom}.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data) public virtual {
transferFrom(from, to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
}
/**
* @dev Returns the owner of the `tokenId`. Does NOT revert if token doesn't exist
*
* IMPORTANT: Any overrides to this function that add ownership of tokens not tracked by the
* core ERC-721 logic MUST be matched with the use of {_increaseBalance} to keep balances
* consistent with ownership. The invariant to preserve is that for any address `a` the value returned by
* `balanceOf(a)` must be equal to the number of tokens such that `_ownerOf(tokenId)` is `a`.
*/
function _ownerOf(uint256 tokenId) internal view virtual returns (address) {
return _owners[tokenId];
}
/**
* @dev Returns the approved address for `tokenId`. Returns 0 if `tokenId` is not minted.
*/
function _getApproved(uint256 tokenId) internal view virtual returns (address) {
return _tokenApprovals[tokenId];
}
/**
* @dev Returns whether `spender` is allowed to manage `owner`'s tokens, or `tokenId` in
* particular (ignoring whether it is owned by `owner`).
*
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
* assumption.
*/
function _isAuthorized(address owner, address spender, uint256 tokenId) internal view virtual returns (bool) {
return
spender != address(0) &&
(owner == spender || isApprovedForAll(owner, spender) || _getApproved(tokenId) == spender);
}
/**
* @dev Checks if `spender` can operate on `tokenId`, assuming the provided `owner` is the actual owner.
* Reverts if:
* - `spender` does not have approval from `owner` for `tokenId`.
* - `spender` does not have approval to manage all of `owner`'s assets.
*
* WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
* assumption.
*/
function _checkAuthorized(address owner, address spender, uint256 tokenId) internal view virtual {
if (!_isAuthorized(owner, spender, tokenId)) {
if (owner == address(0)) {
revert ERC721NonexistentToken(tokenId);
} else {
revert ERC721InsufficientApproval(spender, tokenId);
}
}
}
/**
* @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
*
* NOTE: the value is limited to type(uint128).max. This protect against _balance overflow. It is unrealistic that
* a uint256 would ever overflow from increments when these increments are bounded to uint128 values.
*
* WARNING: Increasing an account's balance using this function tends to be paired with an override of the
* {_ownerOf} function to resolve the ownership of the corresponding tokens so that balances and ownership
* remain consistent with one another.
*/
function _increaseBalance(address account, uint128 value) internal virtual {
unchecked {
_balances[account] += value;
}
}
/**
* @dev Transfers `tokenId` from its current owner to `to`, or alternatively mints (or burns) if the current owner
* (or `to`) is the zero address. Returns the owner of the `tokenId` before the update.
*
* The `auth` argument is optional. If the value passed is non 0, then this function will check that
* `auth` is either the owner of the token, or approved to operate on the token (by the owner).
*
* Emits a {Transfer} event.
*
* NOTE: If overriding this function in a way that tracks balances, see also {_increaseBalance}.
*/
function _update(address to, uint256 tokenId, address auth) internal virtual returns (address) {
address from = _ownerOf(tokenId);
// Perform (optional) operator check
if (auth != address(0)) {
_checkAuthorized(from, auth, tokenId);
}
// Execute the update
if (from != address(0)) {
// Clear approval. No need to re-authorize or emit the Approval event
_approve(address(0), tokenId, address(0), false);
unchecked {
_balances[from] -= 1;
}
}
if (to != address(0)) {
unchecked {
_balances[to] += 1;
}
}
_owners[tokenId] = to;
emit Transfer(from, to, tokenId);
return from;
}
/**
* @dev Mints `tokenId` and transfers it to `to`.
*
* WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible
*
* Requirements:
*
* - `tokenId` must not exist.
* - `to` cannot be the zero address.
*
* Emits a {Transfer} event.
*/
function _mint(address to, uint256 tokenId) internal {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
address previousOwner = _update(to, tokenId, address(0));
if (previousOwner != address(0)) {
revert ERC721InvalidSender(address(0));
}
}
/**
* @dev Mints `tokenId`, transfers it to `to` and checks for `to` acceptance.
*
* Requirements:
*
* - `tokenId` must not exist.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeMint(address to, uint256 tokenId) internal {
_safeMint(to, tokenId, "");
}
/**
* @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
*/
function _safeMint(address to, uint256 tokenId, bytes memory data) internal virtual {
_mint(to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), address(0), to, tokenId, data);
}
/**
* @dev Destroys `tokenId`.
* The approval is cleared when the token is burned.
* This is an internal function that does not check if the sender is authorized to operate on the token.
*
* Requirements:
*
* - `tokenId` must exist.
*
* Emits a {Transfer} event.
*/
function _burn(uint256 tokenId) internal {
address previousOwner = _update(address(0), tokenId, address(0));
if (previousOwner == address(0)) {
revert ERC721NonexistentToken(tokenId);
}
}
/**
* @dev Transfers `tokenId` from `from` to `to`.
* As opposed to {transferFrom}, this imposes no restrictions on msg.sender.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
*
* Emits a {Transfer} event.
*/
function _transfer(address from, address to, uint256 tokenId) internal {
if (to == address(0)) {
revert ERC721InvalidReceiver(address(0));
}
address previousOwner = _update(to, tokenId, address(0));
if (previousOwner == address(0)) {
revert ERC721NonexistentToken(tokenId);
} else if (previousOwner != from) {
revert ERC721IncorrectOwner(from, tokenId, previousOwner);
}
}
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking that contract recipients
* are aware of the ERC-721 standard to prevent tokens from being forever locked.
*
* `data` is additional data, it has no specified format and it is sent in call to `to`.
*
* This internal function is like {safeTransferFrom} in the sense that it invokes
* {IERC721Receiver-onERC721Received} on the receiver, and can be used to e.g.
* implement alternative mechanisms to perform token transfer, such as signature-based.
*
* Requirements:
*
* - `tokenId` token must exist and be owned by `from`.
* - `to` cannot be the zero address.
* - `from` cannot be the zero address.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
*
* Emits a {Transfer} event.
*/
function _safeTransfer(address from, address to, uint256 tokenId) internal {
_safeTransfer(from, to, tokenId, "");
}
/**
* @dev Same as {xref-ERC721-_safeTransfer-address-address-uint256-}[`_safeTransfer`], with an additional `data` parameter which is
* forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
*/
function _safeTransfer(address from, address to, uint256 tokenId, bytes memory data) internal virtual {
_transfer(from, to, tokenId);
ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
}
/**
* @dev Approve `to` to operate on `tokenId`
*
* The `auth` argument is optional. If the value passed is non 0, then this function will check that `auth` is
* either the owner of the token, or approved to operate on all tokens held by this owner.
*
* Emits an {Approval} event.
*
* Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
*/
function _approve(address to, uint256 tokenId, address auth) internal {
_approve(to, tokenId, auth, true);
}
/**
* @dev Variant of `_approve` with an optional flag to enable or disable the {Approval} event. The event is not
* emitted in the context of transfers.
*/
function _approve(address to, uint256 tokenId, address auth, bool emitEvent) internal virtual {
// Avoid reading the owner unless necessary
if (emitEvent || auth != address(0)) {
address owner = _requireOwned(tokenId);
// We do not use _isAuthorized because single-token approvals should not be able to call approve
if (auth != address(0) && owner != auth && !isApprovedForAll(owner, auth)) {
revert ERC721InvalidApprover(auth);
}
if (emitEvent) {
emit Approval(owner, to, tokenId);
}
}
_tokenApprovals[tokenId] = to;
}
/**
* @dev Approve `operator` to operate on all of `owner` tokens
*
* Requirements:
* - operator can't be the address zero.
*
* Emits an {ApprovalForAll} event.
*/
function _setApprovalForAll(address owner, address operator, bool approved) internal virtual {
if (operator == address(0)) {
revert ERC721InvalidOperator(operator);
}
_operatorApprovals[owner][operator] = approved;
emit ApprovalForAll(owner, operator, approved);
}
/**
* @dev Reverts if the `tokenId` doesn't have a current owner (it hasn't been minted, or it has been burned).
* Returns the owner.
*
* Overrides to ownership logic should be done to {_ownerOf}.
*/
function _requireOwned(uint256 tokenId) internal view returns (address) {
address owner = _ownerOf(tokenId);
if (owner == address(0)) {
revert ERC721NonexistentToken(tokenId);
}
return owner;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/extensions/ERC721URIStorage.sol)
pragma solidity ^0.8.20;
import {ERC721} from "../ERC721.sol";
import {Strings} from "../../../utils/Strings.sol";
import {IERC4906} from "../../../interfaces/IERC4906.sol";
import {IERC165} from "../../../interfaces/IERC165.sol";
/**
* @dev ERC-721 token with storage based token URI management.
*/
abstract contract ERC721URIStorage is IERC4906, ERC721 {
using Strings for uint256;
// Interface ID as defined in ERC-4906. This does not correspond to a traditional interface ID as ERC-4906 only
// defines events and does not include any external function.
bytes4 private constant ERC4906_INTERFACE_ID = bytes4(0x49064906);
// Optional mapping for token URIs
mapping(uint256 tokenId => string) private _tokenURIs;
/**
* @dev See {IERC165-supportsInterface}
*/
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC721, IERC165) returns (bool) {
return interfaceId == ERC4906_INTERFACE_ID || super.supportsInterface(interfaceId);
}
/**
* @dev See {IERC721Metadata-tokenURI}.
*/
function tokenURI(uint256 tokenId) public view virtual override returns (string memory) {
_requireOwned(tokenId);
string memory _tokenURI = _tokenURIs[tokenId];
string memory base = _baseURI();
// If there is no base URI, return the token URI.
if (bytes(base).length == 0) {
return _tokenURI;
}
// If both are set, concatenate the baseURI and tokenURI (via string.concat).
if (bytes(_tokenURI).length > 0) {
return string.concat(base, _tokenURI);
}
return super.tokenURI(tokenId);
}
/**
* @dev Sets `_tokenURI` as the tokenURI of `tokenId`.
*
* Emits {MetadataUpdate}.
*/
function _setTokenURI(uint256 tokenId, string memory _tokenURI) internal virtual {
_tokenURIs[tokenId] = _tokenURI;
emit MetadataUpdate(tokenId);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../../utils/introspection/IERC165.sol";
/**
* @dev Required interface of an ERC-721 compliant contract.
*/
interface IERC721 is IERC165 {
/**
* @dev Emitted when `tokenId` token is transferred from `from` to `to`.
*/
event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables `approved` to manage the `tokenId` token.
*/
event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId);
/**
* @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets.
*/
event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
/**
* @dev Returns the number of tokens in ``owner``'s account.
*/
function balanceOf(address owner) external view returns (uint256 balance);
/**
* @dev Returns the owner of the `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function ownerOf(uint256 tokenId) external view returns (address owner);
/**
* @dev Safely transfers `tokenId` token from `from` to `to`.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external;
/**
* @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
* are aware of the ERC-721 protocol to prevent tokens from being forever locked.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must exist and be owned by `from`.
* - If the caller is not `from`, it must have been allowed to move this token by either {approve} or
* {setApprovalForAll}.
* - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
* a safe transfer.
*
* Emits a {Transfer} event.
*/
function safeTransferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Transfers `tokenId` token from `from` to `to`.
*
* WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC-721
* or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must
* understand this adds an external call which potentially creates a reentrancy vulnerability.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `tokenId` token must be owned by `from`.
* - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 tokenId) external;
/**
* @dev Gives permission to `to` to transfer `tokenId` token to another account.
* The approval is cleared when the token is transferred.
*
* Only a single account can be approved at a time, so approving the zero address clears previous approvals.
*
* Requirements:
*
* - The caller must own the token or be an approved operator.
* - `tokenId` must exist.
*
* Emits an {Approval} event.
*/
function approve(address to, uint256 tokenId) external;
/**
* @dev Approve or remove `operator` as an operator for the caller.
* Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller.
*
* Requirements:
*
* - The `operator` cannot be the address zero.
*
* Emits an {ApprovalForAll} event.
*/
function setApprovalForAll(address operator, bool approved) external;
/**
* @dev Returns the account approved for `tokenId` token.
*
* Requirements:
*
* - `tokenId` must exist.
*/
function getApproved(uint256 tokenId) external view returns (address operator);
/**
* @dev Returns if the `operator` is allowed to manage all of the assets of `owner`.
*
* See {setApprovalForAll}
*/
function isApprovedForAll(address owner, address operator) external view returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "../utils/introspection/IERC165.sol";// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.5.0;
/// @title Callback for IUniswapV3PoolActions#swap
/// @notice Any contract that calls IUniswapV3PoolActions#swap must implement this interface
interface IUniswapV3SwapCallback {
/// @notice Called to `msg.sender` after executing a swap via IUniswapV3Pool#swap.
/// @dev In the implementation you must pay the pool tokens owed for the swap.
/// The caller of this method must be checked to be a UniswapV3Pool deployed by the canonical UniswapV3Factory.
/// amount0Delta and amount1Delta can both be 0 if no tokens were swapped.
/// @param amount0Delta The amount of token0 that was sent (negative) or must be received (positive) by the pool by
/// the end of the swap. If positive, the callback must send that amount of token0 to the pool.
/// @param amount1Delta The amount of token1 that was sent (negative) or must be received (positive) by the pool by
/// the end of the swap. If positive, the callback must send that amount of token1 to the pool.
/// @param data Any data passed through by the caller via the IUniswapV3PoolActions#swap call
function uniswapV3SwapCallback(
int256 amount0Delta,
int256 amount1Delta,
bytes calldata data
) external;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/utils/ERC721Utils.sol)
pragma solidity ^0.8.20;
import {IERC721Receiver} from "../IERC721Receiver.sol";
import {IERC721Errors} from "../../../interfaces/draft-IERC6093.sol";
/**
* @dev Library that provide common ERC-721 utility functions.
*
* See https://eips.ethereum.org/EIPS/eip-721[ERC-721].
*
* _Available since v5.1._
*/
library ERC721Utils {
/**
* @dev Performs an acceptance check for the provided `operator` by calling {IERC721-onERC721Received}
* on the `to` address. The `operator` is generally the address that initiated the token transfer (i.e. `msg.sender`).
*
* The acceptance call is not executed and treated as a no-op if the target address doesn't contain code (i.e. an EOA).
* Otherwise, the recipient must implement {IERC721Receiver-onERC721Received} and return the acceptance magic value to accept
* the transfer.
*/
function checkOnERC721Received(
address operator,
address from,
address to,
uint256 tokenId,
bytes memory data
) internal {
if (to.code.length > 0) {
try IERC721Receiver(to).onERC721Received(operator, from, tokenId, data) returns (bytes4 retval) {
if (retval != IERC721Receiver.onERC721Received.selector) {
// Token rejected
revert IERC721Errors.ERC721InvalidReceiver(to);
}
} catch (bytes memory reason) {
if (reason.length == 0) {
// non-IERC721Receiver implementer
revert IERC721Errors.ERC721InvalidReceiver(to);
} else {
assembly ("memory-safe") {
revert(add(32, reason), mload(reason))
}
}
}
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Strings.sol)
pragma solidity ^0.8.20;
import {Math} from "./math/Math.sol";
import {SafeCast} from "./math/SafeCast.sol";
import {SignedMath} from "./math/SignedMath.sol";
/**
* @dev String operations.
*/
library Strings {
using SafeCast for *;
bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
/**
* @dev The `value` string doesn't fit in the specified `length`.
*/
error StringsInsufficientHexLength(uint256 value, uint256 length);
/**
* @dev The string being parsed contains characters that are not in scope of the given base.
*/
error StringsInvalidChar();
/**
* @dev The string being parsed is not a properly formatted address.
*/
error StringsInvalidAddressFormat();
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
assembly ("memory-safe") {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
assembly ("memory-safe") {
mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `int256` to its ASCII `string` decimal representation.
*/
function toStringSigned(int256 value) internal pure returns (string memory) {
return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
uint256 localValue = value;
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = HEX_DIGITS[localValue & 0xf];
localValue >>= 4;
}
if (localValue != 0) {
revert StringsInsufficientHexLength(value, length);
}
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
* representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its checksummed ASCII `string` hexadecimal
* representation, according to EIP-55.
*/
function toChecksumHexString(address addr) internal pure returns (string memory) {
bytes memory buffer = bytes(toHexString(addr));
// hash the hex part of buffer (skip length + 2 bytes, length 40)
uint256 hashValue;
assembly ("memory-safe") {
hashValue := shr(96, keccak256(add(buffer, 0x22), 40))
}
for (uint256 i = 41; i > 1; --i) {
// possible values for buffer[i] are 48 (0) to 57 (9) and 97 (a) to 102 (f)
if (hashValue & 0xf > 7 && uint8(buffer[i]) > 96) {
// case shift by xoring with 0x20
buffer[i] ^= 0x20;
}
hashValue >>= 4;
}
return string(buffer);
}
/**
* @dev Returns true if the two strings are equal.
*/
function equal(string memory a, string memory b) internal pure returns (bool) {
return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
}
/**
* @dev Parse a decimal string and returns the value as a `uint256`.
*
* Requirements:
* - The string must be formatted as `[0-9]*`
* - The result must fit into an `uint256` type
*/
function parseUint(string memory input) internal pure returns (uint256) {
return parseUint(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseUint} that parses a substring of `input` located between position `begin` (included) and
* `end` (excluded).
*
* Requirements:
* - The substring must be formatted as `[0-9]*`
* - The result must fit into an `uint256` type
*/
function parseUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) {
(bool success, uint256 value) = tryParseUint(input, begin, end);
if (!success) revert StringsInvalidChar();
return value;
}
/**
* @dev Variant of {parseUint-string} that returns false if the parsing fails because of an invalid character.
*
* NOTE: This function will revert if the result does not fit in a `uint256`.
*/
function tryParseUint(string memory input) internal pure returns (bool success, uint256 value) {
return tryParseUint(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseUint-string-uint256-uint256} that returns false if the parsing fails because of an invalid
* character.
*
* NOTE: This function will revert if the result does not fit in a `uint256`.
*/
function tryParseUint(
string memory input,
uint256 begin,
uint256 end
) internal pure returns (bool success, uint256 value) {
bytes memory buffer = bytes(input);
uint256 result = 0;
for (uint256 i = begin; i < end; ++i) {
uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i)));
if (chr > 9) return (false, 0);
result *= 10;
result += chr;
}
return (true, result);
}
/**
* @dev Parse a decimal string and returns the value as a `int256`.
*
* Requirements:
* - The string must be formatted as `[-+]?[0-9]*`
* - The result must fit in an `int256` type.
*/
function parseInt(string memory input) internal pure returns (int256) {
return parseInt(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseInt-string} that parses a substring of `input` located between position `begin` (included) and
* `end` (excluded).
*
* Requirements:
* - The substring must be formatted as `[-+]?[0-9]*`
* - The result must fit in an `int256` type.
*/
function parseInt(string memory input, uint256 begin, uint256 end) internal pure returns (int256) {
(bool success, int256 value) = tryParseInt(input, begin, end);
if (!success) revert StringsInvalidChar();
return value;
}
/**
* @dev Variant of {parseInt-string} that returns false if the parsing fails because of an invalid character or if
* the result does not fit in a `int256`.
*
* NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`.
*/
function tryParseInt(string memory input) internal pure returns (bool success, int256 value) {
return tryParseInt(input, 0, bytes(input).length);
}
uint256 private constant ABS_MIN_INT256 = 2 ** 255;
/**
* @dev Variant of {parseInt-string-uint256-uint256} that returns false if the parsing fails because of an invalid
* character or if the result does not fit in a `int256`.
*
* NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`.
*/
function tryParseInt(
string memory input,
uint256 begin,
uint256 end
) internal pure returns (bool success, int256 value) {
bytes memory buffer = bytes(input);
// Check presence of a negative sign.
bytes1 sign = bytes1(_unsafeReadBytesOffset(buffer, begin));
bool positiveSign = sign == bytes1("+");
bool negativeSign = sign == bytes1("-");
uint256 offset = (positiveSign || negativeSign).toUint();
(bool absSuccess, uint256 absValue) = tryParseUint(input, begin + offset, end);
if (absSuccess && absValue < ABS_MIN_INT256) {
return (true, negativeSign ? -int256(absValue) : int256(absValue));
} else if (absSuccess && negativeSign && absValue == ABS_MIN_INT256) {
return (true, type(int256).min);
} else return (false, 0);
}
/**
* @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as a `uint256`.
*
* Requirements:
* - The string must be formatted as `(0x)?[0-9a-fA-F]*`
* - The result must fit in an `uint256` type.
*/
function parseHexUint(string memory input) internal pure returns (uint256) {
return parseHexUint(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseHexUint} that parses a substring of `input` located between position `begin` (included) and
* `end` (excluded).
*
* Requirements:
* - The substring must be formatted as `(0x)?[0-9a-fA-F]*`
* - The result must fit in an `uint256` type.
*/
function parseHexUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) {
(bool success, uint256 value) = tryParseHexUint(input, begin, end);
if (!success) revert StringsInvalidChar();
return value;
}
/**
* @dev Variant of {parseHexUint-string} that returns false if the parsing fails because of an invalid character.
*
* NOTE: This function will revert if the result does not fit in a `uint256`.
*/
function tryParseHexUint(string memory input) internal pure returns (bool success, uint256 value) {
return tryParseHexUint(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseHexUint-string-uint256-uint256} that returns false if the parsing fails because of an
* invalid character.
*
* NOTE: This function will revert if the result does not fit in a `uint256`.
*/
function tryParseHexUint(
string memory input,
uint256 begin,
uint256 end
) internal pure returns (bool success, uint256 value) {
bytes memory buffer = bytes(input);
// skip 0x prefix if present
bool hasPrefix = bytes2(_unsafeReadBytesOffset(buffer, begin)) == bytes2("0x");
uint256 offset = hasPrefix.toUint() * 2;
uint256 result = 0;
for (uint256 i = begin + offset; i < end; ++i) {
uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i)));
if (chr > 15) return (false, 0);
result *= 16;
unchecked {
// Multiplying by 16 is equivalent to a shift of 4 bits (with additional overflow check).
// This guaratees that adding a value < 16 will not cause an overflow, hence the unchecked.
result += chr;
}
}
return (true, result);
}
/**
* @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as an `address`.
*
* Requirements:
* - The string must be formatted as `(0x)?[0-9a-fA-F]{40}`
*/
function parseAddress(string memory input) internal pure returns (address) {
return parseAddress(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseAddress} that parses a substring of `input` located between position `begin` (included) and
* `end` (excluded).
*
* Requirements:
* - The substring must be formatted as `(0x)?[0-9a-fA-F]{40}`
*/
function parseAddress(string memory input, uint256 begin, uint256 end) internal pure returns (address) {
(bool success, address value) = tryParseAddress(input, begin, end);
if (!success) revert StringsInvalidAddressFormat();
return value;
}
/**
* @dev Variant of {parseAddress-string} that returns false if the parsing fails because the input is not a properly
* formatted address. See {parseAddress} requirements.
*/
function tryParseAddress(string memory input) internal pure returns (bool success, address value) {
return tryParseAddress(input, 0, bytes(input).length);
}
/**
* @dev Variant of {parseAddress-string-uint256-uint256} that returns false if the parsing fails because input is not a properly
* formatted address. See {parseAddress} requirements.
*/
function tryParseAddress(
string memory input,
uint256 begin,
uint256 end
) internal pure returns (bool success, address value) {
// check that input is the correct length
bool hasPrefix = bytes2(_unsafeReadBytesOffset(bytes(input), begin)) == bytes2("0x");
uint256 expectedLength = 40 + hasPrefix.toUint() * 2;
if (end - begin == expectedLength) {
// length guarantees that this does not overflow, and value is at most type(uint160).max
(bool s, uint256 v) = tryParseHexUint(input, begin, end);
return (s, address(uint160(v)));
} else {
return (false, address(0));
}
}
function _tryParseChr(bytes1 chr) private pure returns (uint8) {
uint8 value = uint8(chr);
// Try to parse `chr`:
// - Case 1: [0-9]
// - Case 2: [a-f]
// - Case 3: [A-F]
// - otherwise not supported
unchecked {
if (value > 47 && value < 58) value -= 48;
else if (value > 96 && value < 103) value -= 87;
else if (value > 64 && value < 71) value -= 55;
else return type(uint8).max;
}
return value;
}
/**
* @dev Reads a bytes32 from a bytes array without bounds checking.
*
* NOTE: making this function internal would mean it could be used with memory unsafe offset, and marking the
* assembly block as such would prevent some optimizations.
*/
function _unsafeReadBytesOffset(bytes memory buffer, uint256 offset) private pure returns (bytes32 value) {
// This is not memory safe in the general case, but all calls to this private function are within bounds.
assembly ("memory-safe") {
value := mload(add(buffer, add(0x20, offset)))
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/IERC4906.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
import {IERC721} from "./IERC721.sol";
/// @title ERC-721 Metadata Update Extension
interface IERC4906 is IERC165, IERC721 {
/// @dev This event emits when the metadata of a token is changed.
/// So that the third-party platforms such as NFT market could
/// timely update the images and related attributes of the NFT.
event MetadataUpdate(uint256 _tokenId);
/// @dev This event emits when the metadata of a range of tokens is changed.
/// So that the third-party platforms such as NFT market could
/// timely update the images and related attributes of the NFTs.
event BatchMetadataUpdate(uint256 _fromTokenId, uint256 _toTokenId);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/IERC165.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721Receiver.sol)
pragma solidity ^0.8.20;
/**
* @title ERC-721 token receiver interface
* @dev Interface for any contract that wants to support safeTransfers
* from ERC-721 asset contracts.
*/
interface IERC721Receiver {
/**
* @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom}
* by `operator` from `from`, this function is called.
*
* It must return its Solidity selector to confirm the token transfer.
* If any other value is returned or the interface is not implemented by the recipient, the transfer will be
* reverted.
*
* The selector can be obtained in Solidity with `IERC721Receiver.onERC721Received.selector`.
*/
function onERC721Received(
address operator,
address from,
uint256 tokenId,
bytes calldata data
) external returns (bytes4);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SignedMath.sol)
pragma solidity ^0.8.20;
import {SafeCast} from "./SafeCast.sol";
/**
* @dev Standard signed math utilities missing in the Solidity language.
*/
library SignedMath {
/**
* @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
*
* IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
* However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
* one branch when needed, making this function more expensive.
*/
function ternary(bool condition, int256 a, int256 b) internal pure returns (int256) {
unchecked {
// branchless ternary works because:
// b ^ (a ^ b) == a
// b ^ 0 == b
return b ^ ((a ^ b) * int256(SafeCast.toUint(condition)));
}
}
/**
* @dev Returns the largest of two signed numbers.
*/
function max(int256 a, int256 b) internal pure returns (int256) {
return ternary(a > b, a, b);
}
/**
* @dev Returns the smallest of two signed numbers.
*/
function min(int256 a, int256 b) internal pure returns (int256) {
return ternary(a < b, a, b);
}
/**
* @dev Returns the average of two signed numbers without overflow.
* The result is rounded towards zero.
*/
function average(int256 a, int256 b) internal pure returns (int256) {
// Formula from the book "Hacker's Delight"
int256 x = (a & b) + ((a ^ b) >> 1);
return x + (int256(uint256(x) >> 255) & (a ^ b));
}
/**
* @dev Returns the absolute unsigned value of a signed value.
*/
function abs(int256 n) internal pure returns (uint256) {
unchecked {
// Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson.
// Since `n` is a signed integer, the generated bytecode will use the SAR opcode to perform the right shift,
// taking advantage of the most significant (or "sign" bit) in two's complement representation.
// This opcode adds new most significant bits set to the value of the previous most significant bit. As a result,
// the mask will either be `bytes32(0)` (if n is positive) or `~bytes32(0)` (if n is negative).
int256 mask = n >> 255;
// A `bytes32(0)` mask leaves the input unchanged, while a `~bytes32(0)` mask complements it.
return uint256((n + mask) ^ mask);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC721.sol)
pragma solidity ^0.8.20;
import {IERC721} from "../token/ERC721/IERC721.sol";{
"remappings": [
"@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/",
"ds-test/=lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/src/",
"erc4626-tests/=lib/openzeppelin-contracts/lib/erc4626-tests/",
"forge-std/=lib/forge-std/src/",
"halmos-cheatcodes/=lib/openzeppelin-contracts/lib/halmos-cheatcodes/src/",
"openzeppelin-contracts/=lib/openzeppelin-contracts/",
"v2-core/=lib/v2-core/contracts/",
"v2-periphery/=lib/v2-periphery/contracts/",
"v3-core/=lib/v3-core/",
"v3-periphery/=lib/v3-periphery/contracts/",
"@uniswap/v3-core/=lib/v3-core/",
"@uniswap/v3-periphery/=lib/v3-periphery/",
"@uniswap/v2-core/=lib/v2-core/",
"@uniswap/v2-periphery/=lib/v2-periphery/",
"@utils/=src/utils/",
"@libs/=src/libs/",
"@actions/=src/actions/",
"@core/=src/core/",
"@interfaces/=src/interfaces/",
"@const/=src/const/",
"@test/=test/mocks/",
"@script/=script/"
],
"optimizer": {
"enabled": true,
"runs": 200
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "ipfs",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "cancun",
"viaIR": true,
"libraries": {
"src/utils/Time.sol": {
"Time": "0x4bCBfD58f1d3149c49130030636Be6e773C86a6f"
}
}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
[{"inputs":[{"internalType":"address","name":"_titanX","type":"address"},{"internalType":"address","name":"_dragonX","type":"address"},{"internalType":"address","name":"_quoter","type":"address"},{"internalType":"address","name":"_uniswapV3PositionManager","type":"address"}],"stateMutability":"payable","type":"constructor"},{"inputs":[{"internalType":"address","name":"spender","type":"address"},{"internalType":"uint256","name":"allowance","type":"uint256"},{"internalType":"uint256","name":"needed","type":"uint256"}],"name":"ERC20InsufficientAllowance","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"},{"internalType":"uint256","name":"balance","type":"uint256"},{"internalType":"uint256","name":"needed","type":"uint256"}],"name":"ERC20InsufficientBalance","type":"error"},{"inputs":[{"internalType":"address","name":"approver","type":"address"}],"name":"ERC20InvalidApprover","type":"error"},{"inputs":[{"internalType":"address","name":"receiver","type":"address"}],"name":"ERC20InvalidReceiver","type":"error"},{"inputs":[{"internalType":"address","name":"sender","type":"address"}],"name":"ERC20InvalidSender","type":"error"},{"inputs":[{"internalType":"address","name":"spender","type":"address"}],"name":"ERC20InvalidSpender","type":"error"},{"inputs":[],"name":"OnlyAuction","type":"error"},{"inputs":[{"internalType":"address","name":"owner","type":"address"}],"name":"OwnableInvalidOwner","type":"error"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"OwnableUnauthorizedAccount","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"owner","type":"address"},{"indexed":true,"internalType":"address","name":"spender","type":"address"},{"indexed":false,"internalType":"uint256","name":"value","type":"uint256"}],"name":"Approval","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferStarted","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"from","type":"address"},{"indexed":true,"internalType":"address","name":"to","type":"address"},{"indexed":false,"internalType":"uint256","name":"value","type":"uint256"}],"name":"Transfer","type":"event"},{"inputs":[],"name":"acceptOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"spender","type":"address"}],"name":"allowance","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"spender","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"approve","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"ascendantPride","outputs":[{"internalType":"contract AscendantPride","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"auction","outputs":[{"internalType":"contract AscendantAuction","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"account","type":"address"}],"name":"balanceOf","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"value","type":"uint256"}],"name":"burn","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"account","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"burnFrom","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"buyAndBurn","outputs":[{"internalType":"contract AscendantBuyAndBurn","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"decimals","outputs":[{"internalType":"uint8","name":"","type":"uint8"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"dragonXAscendantPool","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"emitForAuction","outputs":[{"internalType":"uint256","name":"emitted","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"emitForLp","outputs":[{"internalType":"uint256","name":"emitted","type":"uint256"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"name","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"pendingOwner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address payable","name":"_ascendantAuction","type":"address"}],"name":"setAscendantAuction","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_ascendantBuyAndBurn","type":"address"}],"name":"setAscendantBuyAndBurn","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"symbol","outputs":[{"internalType":"string","name":"","type":"string"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"totalSupply","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"transfer","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"from","type":"address"},{"internalType":"address","name":"to","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"}],"name":"transferFrom","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"}]Contract Creation Code
60a0806040526080816114a8803803809161001a82856107c6565b8339810103126105085761002d816107e9565b9061003a602082016107e9565b610052606061004b604085016107e9565b93016107e9565b926040516100616040826107c6565b600d81526c20b9b1b2b73230b73a173bb4b760991b60208201526040519061008a6040836107c6565b6006825265105cd8d95b9960d21b60208301528051906001600160401b0382116106c95760035490600182811c921680156107bc575b60208310146106ab5781601f84931161074e575b50602090601f83116001146106e8575f926106dd575b50508160011b915f199060031b1c1916176003555b8051906001600160401b0382116106c95760045490600182811c921680156106bf575b60208310146106ab5781601f84931161063d575b50602090601f83116001146105d7575f926105cc575b50508160011b915f199060031b1c1916176004555b33156105b957600680546001600160a01b0319908116909155600580543392811683179091556001600160a01b03167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e05f80a36002546a295be96e6406697200000081018091116105465760025573c3f351f58b4caf38fd76623c1bed015e591075065f525f60205260405f206a295be96e64066972000000815401905573c3f351f58b4caf38fd76623c1bed015e591075065f5f5160206114885f395f51905f5260206040516a295be96e640669720000008152a36002546aee3a5f48a68b5520000000810180911161054657606491602091600255335f525f825260405f206aee3a5f48a68b552000000081540190556040516aee3a5f48a68b552000000081525f5f5160206114885f395f51905f52843393a36040516001600160601b0319606092831b811684830190815261027160ec1b60348401529286901b166037820152602b81526001600160a01b03851695906102e0604b826107c6565b5f60405195868095819463cdca175360e01b8352604060048401525180918160448501528484015e81810183018490526b2d3c8750bd670354b00000006024830152601f01601f191681010301926001600160a01b03165af19081156104fd575f91610587575b508230105f1461058057305b6001600160a01b031692830361056e576a0422ca8b0a00a4250000005b670de0b6b3a7640000810290808204670de0b6b3a7640000149015171561054657811561055a5704928360018060881b031060071b84811c60018060481b031060061b1784811c64ffffffffff1060051b1784811c62ffffff1060041b1760b56201000086831c019160011c1b0260121c8085040160011c8085040160011c8085040160011c8085040160011c8085040160011c8085040160011c8085040160011c808095041093848103948560601b9586046c010000000000000000000000001491141715610546576040516309f56ab160e11b815260048101939093526001600160a01b0391821660248401526127106044840152633b9aca00909304811660648301529091602091839160849183915f91165af19081156104fd575f9161050c575b506001600160a01b038116803b15610508575f80916024604051809481936332148f6760e01b835260c860048401525af180156104fd576104ed575b50608052604051610c8a90816107fe8239608051816106a50152f35b5f6104f7916107c6565b5f6104d1565b6040513d5f823e3d90fd5b5f80fd5b90506020813d60201161053e575b81610527602093836107c6565b8101031261050857610538906107e9565b5f610495565b3d915061051a565b634e487b7160e01b5f52601160045260245ffd5b634e487b7160e01b5f52601260045260245ffd5b6a0422ca8b0a00a42500000090610370565b3091610353565b90506020813d6020116105b1575b816105a2602093836107c6565b8101031261050857515f610347565b3d9150610595565b631e4fbdf760e01b5f525f60045260245ffd5b015190505f8061014c565b60045f9081528281209350601f198516905b818110610625575090846001959493921061060d575b505050811b01600455610161565b01515f1960f88460031b161c191690555f80806105ff565b929360206001819287860151815501950193016105e9565b60045f529091507f8a35acfbc15ff81a39ae7d344fd709f28e8600b4aa8c65c6b64bfe7fe36bd19b601f840160051c810191602085106106a1575b90601f859493920160051c01905b8181106106935750610136565b5f8155849350600101610686565b9091508190610678565b634e487b7160e01b5f52602260045260245ffd5b91607f1691610122565b634e487b7160e01b5f52604160045260245ffd5b015190505f806100ea565b60035f9081528281209350601f198516905b818110610736575090846001959493921061071e575b505050811b016003556100ff565b01515f1960f88460031b161c191690555f8080610710565b929360206001819287860151815501950193016106fa565b60035f529091507fc2575a0e9e593c00f959f8c92f12db2869c3395a3b0502d05e2516446f71f85b601f840160051c810191602085106107b2575b90601f859493920160051c01905b8181106107a457506100d4565b5f8155849350600101610797565b9091508190610789565b91607f16916100c0565b601f909101601f19168101906001600160401b038211908210176106c957604052565b51906001600160a01b03821682036105085756fe6080806040526004361015610012575f80fd5b5f3560e01c90816306fdde031461088357508063095ea7b3146107db57806318160ddd146107be5780631faa362c1461076a578063231d15a81461072757806323b872dd146106ef578063313ce567146106d457806331dfb1161461069057806342966c68146106735780634b552deb1461059c57806370a0823114610565578063715018a61461050057806379ba50971461047a57806379cc6790146104485780637d9f6db5146104205780638da5cb5b146103f857806395d89b41146102f4578063a9059cbb146102c3578063aa6df2991461029b578063ac58b93314610273578063dd62ed3e14610223578063e087b864146101bc578063e30c3978146101945763f2fde38b14610124575f80fd5b346101905760203660031901126101905761013d610965565b6101456109ea565b600680546001600160a01b0319166001600160a01b039283169081179091556005549091167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e227005f80a3005b5f80fd5b34610190575f366003190112610190576006546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576101d46109c7565b6007546001600160a01b03168015610210576a52b7d2dcc80cd2e40000006101fb91610bcf565b60206040516a52b7d2dcc80cd2e40000008152f35b63ec442f0560e01b5f525f60045260245ffd5b346101905760403660031901126101905761023c610965565b61024461097b565b6001600160a01b039182165f908152600160209081526040808320949093168252928352819020549051908152f35b34610190575f366003190112610190576009546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576008546040516001600160a01b039091168152602090f35b34610190576040366003190112610190576102e96102df610965565b6024359033610aa1565b602060405160018152f35b34610190575f366003190112610190576040515f6004548060011c906001811680156103ee575b6020831081146103da578285529081156103b65750600114610358575b6103548361034881850382610991565b6040519182918261093b565b0390f35b91905060045f527f8a35acfbc15ff81a39ae7d344fd709f28e8600b4aa8c65c6b64bfe7fe36bd19b915f905b80821061039c57509091508101602001610348610338565b919260018160209254838588010152019101909291610384565b60ff191660208086019190915291151560051b840190910191506103489050610338565b634e487b7160e01b5f52602260045260245ffd5b91607f169161031b565b34610190575f366003190112610190576005546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576007546040516001600160a01b039091168152602090f35b3461019057604036600319011261019057610478610464610965565b602435906104738233836109fe565b610b4b565b005b34610190575f36600319011261019057600654336001600160a01b03909116036104ed57600680546001600160a01b0319908116909155600580543392811683179091556001600160a01b03167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e05f80a3005b63118cdaa760e01b5f523360045260245ffd5b34610190575f366003190112610190576105186109ea565b600680546001600160a01b03199081169091556005805491821690555f906001600160a01b03167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e08280a3005b34610190576020366003190112610190576001600160a01b03610586610965565b165f525f602052602060405f2054604051908152f35b34610190576020366003190112610190576004356001600160a01b038116908190036101905760206004916105cf6109ea565b600780546001600160a01b0319168217905560405163ac58b93360e01b815292839182905afa908115610668575f91610626575b50600980546001600160a01b0319166001600160a01b0392909216919091179055005b90506020813d602011610660575b8161064160209383610991565b8101031261019057516001600160a01b03811681036101905781610603565b3d9150610634565b6040513d5f823e3d90fd5b346101905760203660031901126101905761047860043533610b4b565b34610190575f366003190112610190576040517f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03168152602090f35b34610190575f36600319011261019057602060405160128152f35b34610190576060366003190112610190576102e961070b610965565b61071361097b565b604435916107228333836109fe565b610aa1565b3461019057602036600319011261019057610740610965565b6107486109ea565b600880546001600160a01b0319166001600160a01b0392909216919091179055005b34610190575f366003190112610190576107826109c7565b6007546001600160a01b03168015610210576a0422ca8b0a00a4250000006107a991610bcf565b60206040516a0422ca8b0a00a4250000008152f35b34610190575f366003190112610190576020600254604051908152f35b34610190576040366003190112610190576107f4610965565b602435903315610870576001600160a01b031690811561085d57335f52600160205260405f20825f526020528060405f20556040519081527f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92560203392a3602060405160018152f35b634a1406b160e11b5f525f60045260245ffd5b63e602df0560e01b5f525f60045260245ffd5b34610190575f366003190112610190575f6003548060011c90600181168015610931575b6020831081146103da578285529081156103b657506001146108d3576103548361034881850382610991565b91905060035f527fc2575a0e9e593c00f959f8c92f12db2869c3395a3b0502d05e2516446f71f85b915f905b80821061091757509091508101602001610348610338565b9192600181602092548385880101520191019092916108ff565b91607f16916108a7565b602060409281835280519182918282860152018484015e5f828201840152601f01601f1916010190565b600435906001600160a01b038216820361019057565b602435906001600160a01b038216820361019057565b90601f8019910116810190811067ffffffffffffffff8211176109b357604052565b634e487b7160e01b5f52604160045260245ffd5b6007546001600160a01b031633036109db57565b63d75a484960e01b5f5260045ffd5b6005546001600160a01b031633036104ed57565b6001600160a01b039081165f818152600160209081526040808320948616835293905291909120549291905f198410610a38575b50505050565b828410610a7e578015610870576001600160a01b0382161561085d575f52600160205260405f209060018060a01b03165f5260205260405f20910390555f808080610a32565b508290637dc7a0d960e11b5f5260018060a01b031660045260245260445260645ffd5b6001600160a01b0316908115610b38576001600160a01b031691821561021057815f525f60205260405f2054818110610b1f57817fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef92602092855f525f84520360405f2055845f525f825260405f20818154019055604051908152a3565b8263391434e360e21b5f5260045260245260445260645ffd5b634b637e8f60e11b5f525f60045260245ffd5b9091906001600160a01b03168015610b3857805f525f60205260405f2054838110610bb5576020845f94957fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef938587528684520360408620558060025403600255604051908152a3565b915063391434e360e21b5f5260045260245260445260645ffd5b60025490828201809211610c40576002919091556001600160a01b0316905f907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef9060209084610c2b5780600254036002555b604051908152a3565b84845283825260408420818154019055610c22565b634e487b7160e01b5f52601160045260245ffdfea2646970667358221220d958a63ac9e3a0f52fc4d432c5e535665d73930ddc0026621f07e7cd2dabbe8a64736f6c634300081b0033ddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef000000000000000000000000f19308f923582a6f7c465e5ce7a9dc1bec6665b100000000000000000000000096a5399d07896f757bd4c6ef56461f58db951862000000000000000000000000b27308f9f90d607463bb33ea1bebb41c27ce5ab6000000000000000000000000c36442b4a4522e871399cd717abdd847ab11fe88
Deployed Bytecode
0x6080806040526004361015610012575f80fd5b5f3560e01c90816306fdde031461088357508063095ea7b3146107db57806318160ddd146107be5780631faa362c1461076a578063231d15a81461072757806323b872dd146106ef578063313ce567146106d457806331dfb1161461069057806342966c68146106735780634b552deb1461059c57806370a0823114610565578063715018a61461050057806379ba50971461047a57806379cc6790146104485780637d9f6db5146104205780638da5cb5b146103f857806395d89b41146102f4578063a9059cbb146102c3578063aa6df2991461029b578063ac58b93314610273578063dd62ed3e14610223578063e087b864146101bc578063e30c3978146101945763f2fde38b14610124575f80fd5b346101905760203660031901126101905761013d610965565b6101456109ea565b600680546001600160a01b0319166001600160a01b039283169081179091556005549091167f38d16b8cac22d99fc7c124b9cd0de2d3fa1faef420bfe791d8c362d765e227005f80a3005b5f80fd5b34610190575f366003190112610190576006546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576101d46109c7565b6007546001600160a01b03168015610210576a52b7d2dcc80cd2e40000006101fb91610bcf565b60206040516a52b7d2dcc80cd2e40000008152f35b63ec442f0560e01b5f525f60045260245ffd5b346101905760403660031901126101905761023c610965565b61024461097b565b6001600160a01b039182165f908152600160209081526040808320949093168252928352819020549051908152f35b34610190575f366003190112610190576009546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576008546040516001600160a01b039091168152602090f35b34610190576040366003190112610190576102e96102df610965565b6024359033610aa1565b602060405160018152f35b34610190575f366003190112610190576040515f6004548060011c906001811680156103ee575b6020831081146103da578285529081156103b65750600114610358575b6103548361034881850382610991565b6040519182918261093b565b0390f35b91905060045f527f8a35acfbc15ff81a39ae7d344fd709f28e8600b4aa8c65c6b64bfe7fe36bd19b915f905b80821061039c57509091508101602001610348610338565b919260018160209254838588010152019101909291610384565b60ff191660208086019190915291151560051b840190910191506103489050610338565b634e487b7160e01b5f52602260045260245ffd5b91607f169161031b565b34610190575f366003190112610190576005546040516001600160a01b039091168152602090f35b34610190575f366003190112610190576007546040516001600160a01b039091168152602090f35b3461019057604036600319011261019057610478610464610965565b602435906104738233836109fe565b610b4b565b005b34610190575f36600319011261019057600654336001600160a01b03909116036104ed57600680546001600160a01b0319908116909155600580543392811683179091556001600160a01b03167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e05f80a3005b63118cdaa760e01b5f523360045260245ffd5b34610190575f366003190112610190576105186109ea565b600680546001600160a01b03199081169091556005805491821690555f906001600160a01b03167f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e08280a3005b34610190576020366003190112610190576001600160a01b03610586610965565b165f525f602052602060405f2054604051908152f35b34610190576020366003190112610190576004356001600160a01b038116908190036101905760206004916105cf6109ea565b600780546001600160a01b0319168217905560405163ac58b93360e01b815292839182905afa908115610668575f91610626575b50600980546001600160a01b0319166001600160a01b0392909216919091179055005b90506020813d602011610660575b8161064160209383610991565b8101031261019057516001600160a01b03811681036101905781610603565b3d9150610634565b6040513d5f823e3d90fd5b346101905760203660031901126101905761047860043533610b4b565b34610190575f366003190112610190576040517f000000000000000000000000e8cc60f526bec8c663c6eec5a65efae9d89ee6ad6001600160a01b03168152602090f35b34610190575f36600319011261019057602060405160128152f35b34610190576060366003190112610190576102e961070b610965565b61071361097b565b604435916107228333836109fe565b610aa1565b3461019057602036600319011261019057610740610965565b6107486109ea565b600880546001600160a01b0319166001600160a01b0392909216919091179055005b34610190575f366003190112610190576107826109c7565b6007546001600160a01b03168015610210576a0422ca8b0a00a4250000006107a991610bcf565b60206040516a0422ca8b0a00a4250000008152f35b34610190575f366003190112610190576020600254604051908152f35b34610190576040366003190112610190576107f4610965565b602435903315610870576001600160a01b031690811561085d57335f52600160205260405f20825f526020528060405f20556040519081527f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92560203392a3602060405160018152f35b634a1406b160e11b5f525f60045260245ffd5b63e602df0560e01b5f525f60045260245ffd5b34610190575f366003190112610190575f6003548060011c90600181168015610931575b6020831081146103da578285529081156103b657506001146108d3576103548361034881850382610991565b91905060035f527fc2575a0e9e593c00f959f8c92f12db2869c3395a3b0502d05e2516446f71f85b915f905b80821061091757509091508101602001610348610338565b9192600181602092548385880101520191019092916108ff565b91607f16916108a7565b602060409281835280519182918282860152018484015e5f828201840152601f01601f1916010190565b600435906001600160a01b038216820361019057565b602435906001600160a01b038216820361019057565b90601f8019910116810190811067ffffffffffffffff8211176109b357604052565b634e487b7160e01b5f52604160045260245ffd5b6007546001600160a01b031633036109db57565b63d75a484960e01b5f5260045ffd5b6005546001600160a01b031633036104ed57565b6001600160a01b039081165f818152600160209081526040808320948616835293905291909120549291905f198410610a38575b50505050565b828410610a7e578015610870576001600160a01b0382161561085d575f52600160205260405f209060018060a01b03165f5260205260405f20910390555f808080610a32565b508290637dc7a0d960e11b5f5260018060a01b031660045260245260445260645ffd5b6001600160a01b0316908115610b38576001600160a01b031691821561021057815f525f60205260405f2054818110610b1f57817fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef92602092855f525f84520360405f2055845f525f825260405f20818154019055604051908152a3565b8263391434e360e21b5f5260045260245260445260645ffd5b634b637e8f60e11b5f525f60045260245ffd5b9091906001600160a01b03168015610b3857805f525f60205260405f2054838110610bb5576020845f94957fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef938587528684520360408620558060025403600255604051908152a3565b915063391434e360e21b5f5260045260245260445260645ffd5b60025490828201809211610c40576002919091556001600160a01b0316905f907fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef9060209084610c2b5780600254036002555b604051908152a3565b84845283825260408420818154019055610c22565b634e487b7160e01b5f52601160045260245ffdfea2646970667358221220d958a63ac9e3a0f52fc4d432c5e535665d73930ddc0026621f07e7cd2dabbe8a64736f6c634300081b0033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
000000000000000000000000f19308f923582a6f7c465e5ce7a9dc1bec6665b100000000000000000000000096a5399d07896f757bd4c6ef56461f58db951862000000000000000000000000b27308f9f90d607463bb33ea1bebb41c27ce5ab6000000000000000000000000c36442b4a4522e871399cd717abdd847ab11fe88
-----Decoded View---------------
Arg [0] : _titanX (address): 0xF19308F923582A6f7c465e5CE7a9Dc1BEC6665B1
Arg [1] : _dragonX (address): 0x96a5399D07896f757Bd4c6eF56461F58DB951862
Arg [2] : _quoter (address): 0xb27308f9F90D607463bb33eA1BeBb41C27CE5AB6
Arg [3] : _uniswapV3PositionManager (address): 0xC36442b4a4522E871399CD717aBDD847Ab11FE88
-----Encoded View---------------
4 Constructor Arguments found :
Arg [0] : 000000000000000000000000f19308f923582a6f7c465e5ce7a9dc1bec6665b1
Arg [1] : 00000000000000000000000096a5399d07896f757bd4c6ef56461f58db951862
Arg [2] : 000000000000000000000000b27308f9f90d607463bb33ea1bebb41c27ce5ab6
Arg [3] : 000000000000000000000000c36442b4a4522e871399cd717abdd847ab11fe88
Loading...
Loading
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A token is a representation of an on-chain or off-chain asset. The token page shows information such as price, total supply, holders, transfers and social links. Learn more about this page in our Knowledge Base.